Browser and AntiMalWare/antivirus test

Discussion in 'other anti-malware software' started by jmonge, Feb 3, 2009.

Thread Status:
Not open for further replies.
  1. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i have a link maybe not allow to place it here but maybe in pm's, ok here is the results of the test i did;) i tested the worse of the worse Iexplorer 6:)
    i dont patch my browser,messenger(msn)or media player;) ok now put my pop up blocker from Iexplorer on high.if you have iexplorer 6 or down with this test and your antivirus or antimalware don't alert you will get mad trying to close all pop ups, plus the more pop ups you close more pop ups comes freezing your pc and no chance to turn off pc only manually:D(that's happens after closing the browser)


    DefenseWall Hips passed(all pop ups were untrusted and close with one click of mouse:thumb: )
    SpyWare Doctor blocks it(link)
    Zemana Antilogger fail
    Thretfire beta 4.1 fail
    AsQuare Antimalware fail(latest version)
    DriveSentry 3.1 fail
    SuperAntispyWare Pro fail(latest version)
    SpyWare Blaster 4.1 fail
    WinPatrol Plus fail

    i want to test more later specially those that claim to protect browsers.
    note:didnt try the test with firefox(mozzilla)or iexplorer 7 or higher:) only version 6 the worse of microsoft:)
     
    Last edited: Feb 3, 2009
  2. Criss

    Criss Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    186
    How abt appguard?? :)
     
  3. _kronos_

    _kronos_ Registered Member

    Joined:
    Dec 8, 2008
    Posts:
    126
    PM, Please?:)
    Thanks...Have you tried with RTD or SandboxIE?:D
     
  4. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    sounds like a adult site the kings of all pop ups and redirects.Good testing Jmonge and Kudos to DW.
     
  5. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Last edited: Feb 3, 2009
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    yeap,if you want the link and if you have explorer version 6 very funny;)
     
  7. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    note:i use the worse unpatch;) cause people out there dont patch anything
    ofcourse we do for safety,well i dont:D i have xp2 iexplorer 6 and windows media player 9 and msn messenger 4 nothing patch:)
     
  8. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I have IE7 and opera as my promary browser my hell ya send it over friend if you will please.
     
  9. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    remember to wath for your antimalware data base to flag it too;) spyware doctor along with defen
    sewall so far the best in this type of test:thumb:
     
  10. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    noscript would be a pass too then..
     
  11. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i thin ;) opera pass
     
  12. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I ran again with Twister disabled, IE6 in Sandboxie and nothing weird happened. I didn't see any infection sign in that page. But, my IE6 is patched...

    One thing is sure that the page itself is infected alright (the JS refered to Twister's alerts indicates Java Script for delivery).

    Twister flagged 2 copies of each malware file on the disk (4 in total).

    Opera in Sandboxie showed nothing. Twister didn't even blink.
     
  13. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i tried mamutu on paranoid mode and threatfire beta on lvel 5 security and still failo_O :D
     
  14. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    this is what I got flashing Black and white,I am dizzy from the disco lights.
     

    Attached Files:

  15. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i have another test for tomorrrow about a spyware(rouge antispyware)but i have to confirm some thing before posting;)
     
  16. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    So I got a Flashing I am Idiot screen and when I Closed the sanboxie No popups, just the toilet flushing away.LOL
     
  17. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    very impresive sandboxie and defensewall;)
    with defensewall and iexplorer 6 i got like 60 small pop ups but note that all pop ups were untrusted what i did rigth click stop attack and bye bye pop ups:)
    my poor threatfire beta with level 5 security and mamutu in paranoid mode went nuts:D
     
  18. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I ran it too with : Twister disabled, no Sandboxie, IE6, Shadow Defender on. Result : Apart the "your are an idiot and flashing screen", no ill effect.

    My guess is that the problem occurs in non patched IE6 only.
     
  19. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    maybe,did you tried comodo?
     
  20. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I had Comodo on, but it didn't react... So i must presume, nothing executed on my disk.
     
  21. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    aho_O
     
  22. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Twister reports the malware is javascript in temporary internet files:

    \user\current\Local Settings\Temporary Internet Files\Content.IE5\SLEHUV8F\you[1].js

    Comodo won't intercept that...
     
    Last edited: Feb 3, 2009
  23. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    O yea I for got my sandboxie is set up with strict limitations what can start/run and have internet Access may have a lot to do with Not seeing anything occur other then the initial Idiot screen.In fact did not see anything in the DW untrusted other what was there before the test.Looks like DW did not even have to back up sandboxie at all.I also looked over files and registry tracks all normal.
     
  24. erreale

    erreale Registered Member

    Joined:
    May 2, 2004
    Posts:
    22
    PM please?

    thank you.


    Edit: Do not send anything. I have found with google.

    Thanks
     
    Last edited: Feb 3, 2009
  25. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    do you have temp folders file types in image execution control enabled? :rolleyes:
     
Loading...
Thread Status:
Not open for further replies.