The definitive list ?

  • Thread starter Thread starter ComPCs
  • Start date Start date
Well, I've got a different questiion. I'd like to have a list of apps
with the following qualifications:

1. They contain viruses, Trojans, worms, and the like which antivirus
scanners normally detect nowdays.
2. They must have Install or Setup files which can be downloaded.
Doesn't matter whether they're freeware or Trialware.

My purpose is to test the ability of the av scanners to alert on the
Install or Setup files.

Preferably, these apps should _definitely_ contain malware, since
I'd prefer not to have to check viability.

I currently have a number of such files which contain mostly Adware.
Kaspersky with extra defs appears to be reasonably effective with
these, but others only detect a few, if any. The vast majority of av
are useless for this purpose.

Since most av are ineffective when it comes to Adware and spyware,
I'd like to focus more on the malware they normally can detect ... and
compare their ability to alert on Install and Setup files.

If anyone has qualms about posting info or links to such files, my
email addy is artsown at epix dot net. Personally, I don't have such
qualms. I'd prefer to see the info posted so that people can be made
aware of which software apps to avoid.

Art

http://home.epix.net/~artnpeg
Free antivirus:
http://www.ik-cs.com/programs/virtools/KASFX.EXE
http://www.claymania.com/KASFX.EXE
http://tinyurl.com/azzkc
Click to expand...

excellent idea Art, such a list would make interesting reading and
possible follow up, looking forward to the list


ban rectum thermometers
 
Heather said:
Hi Joanie!!

And the worst news is that they NEVER fully leave till they are 40 or
more.....they keep on coming back home, lol.

Just kidding, but they do tend to stay with their parents a lot
longer these days. Can't afford to rent a flat on what they make.

Cheers.......Heather
Click to expand...

<lol> Yeah I know she's left home at least twice and is back home in her
last year doing a college course <g>
Joan
 
excellent idea Art, such a list would make interesting reading and
possible follow up, looking forward to the list
Click to expand...

It's easy to find commercial "controversialware" with Setup or Install
files. Keyloggers and port scanners are two examples. The problem is
that only sketchy info can be obtained from these since not all av
detect them. Here's one example:

http://www.ardamax.com
Ardamax Keylogger
Setup file name: setup_akl.exe

Uploading the setup file to Virus Total shows that only KAV, NOD32 and
CAT-QuickHeal alert. Since I have the first two intalled, I was able
to determine that KAV and NOD32 were able to extract and "scan within"
the setup file. They don't depend on doing a sig on the outer shell. I
installed the Keylogger and also installed CAT-QH. It doesn't alert
when scanning the Keylogger folder. It apparently only uses a sig
on the outer shell and that's all.

AV products that do alert on one or more of the installed files
include: AntiVir, Avira, Fortinet, KAV, McAfee, NOD32, Panda,
and The Hacker. So these are some of the products that do
detect such controversialware. Unfortunately, most don't give
the user a clue before the installation process commences, so
the user must rely on his particular realtime monitor. Not the
best way way to do things, IMO.

It can certainly be argued that simply using a sig on the outer
shell of the install and setup files is sufficient ... and there is no
need to get fancy and decompress/extract to "look within". You
couldn't have this "simple sig" approach operational though at the
ISP/gateway level for commercial controversialware. But it seems
to me it would be a boon to have it for rogue software that contains
Adware/Spyware/Trojans that nobody in their right mind would want
to have installed on their machines. It's with these rogue programs
that most av fail miserably.

Art

http://home.epix.net/~artnpeg
Free antivirus:
http://www.ik-cs.com/programs/virtools/KASFX.EXE
http://www.claymania.com/KASFX.EXE
http://tinyurl.com/azzkc
 
Back
Top