Browser and AntiMalWare/antivirus test

i have a link maybe not allow to place it here but maybe in pm's, ok here is the results of the test i did i tested the worse of the worse Iexplorer 6
i dont patch my browser,messenger(msn)or media player ok now put my pop up blocker from Iexplorer on high.if you have iexplorer 6 or down with this test and your antivirus or antimalware don't alert you will get mad trying to close all pop ups, plus the more pop ups you close more pop ups comes freezing your pc and no chance to turn off pc only manually(that's happens after closing the browser)


DefenseWall Hips passed(all pop ups were untrusted and close with one click of mouse )
SpyWare Doctor blocks it(link)
Zemana Antilogger fail
Thretfire beta 4.1 fail
AsQuare Antimalware fail(latest version)
DriveSentry 3.1 fail
SuperAntispyWare Pro fail(latest version)
SpyWare Blaster 4.1 fail
WinPatrol Plus fail

i want to test more later specially those that claim to protect browsers.
note:didnt try the test with firefox(mozzilla)or iexplorer 7 or higher only version 6 the worse of microsoft

 

How abt appguard??

 

PM, Please?
Thanks...Have you tried with RTD or SandboxIE?

 

sounds like a adult site the kings of all pop ups and redirects.Good testing Jmonge and Kudos to DW.

 

Twister gives Trojan alert for that page:

http://img22.imageshack.us/img22/5434/90096971ge0.png

http://img244.imageshack.us/img244/2766/39622704dd2.png

After "catching it", IE 6 in Sandboxie does nothing.

Thanks JMongie.

 

yeap,if you want the link and if you have explorer version 6 very funny

 

note:i use the worse unpatch cause people out there dont patch anything
ofcourse we do for safety,well i dont i have xp2 iexplorer 6 and windows media player 9 and msn messenger 4 nothing patch

 

I have IE7 and opera as my promary browser my hell ya send it over friend if you will please.

 

remember to wath for your antimalware data base to flag it too spyware doctor along with defen
sewall so far the best in this type of test

 

noscript would be a pass too then..

 

i thin opera pass

 

I ran again with Twister disabled, IE6 in Sandboxie and nothing weird happened. I didn't see any infection sign in that page. But, my IE6 is patched...

One thing is sure that the page itself is infected alright (the JS refered to Twister's alerts indicates Java Script for delivery).

Twister flagged 2 copies of each malware file on the disk (4 in total).

Opera in Sandboxie showed nothing. Twister didn't even blink.

 

i tried mamutu on paranoid mode and threatfire beta on lvel 5 security and still fail

 

this is what I got flashing Black and white,I am dizzy from the disco lights.

 

i have another test for tomorrrow about a spyware(rouge antispyware)but i have to confirm some thing before posting

 

So I got a Flashing I am Idiot screen and when I Closed the sanboxie No popups, just the toilet flushing away.LOL

 

very impresive sandboxie and defensewall
with defensewall and iexplorer 6 i got like 60 small pop ups but note that all pop ups were untrusted what i did rigth click stop attack and bye bye pop ups
my poor threatfire beta with level 5 security and mamutu in paranoid mode went nuts

 

I ran it too with : Twister disabled, no Sandboxie, IE6, Shadow Defender on. Result : Apart the "your are an idiot and flashing screen", no ill effect.

My guess is that the problem occurs in non patched IE6 only.

 

maybe,did you tried comodo?

 

I had Comodo on, but it didn't react... So i must presume, nothing executed on my disk.

 

ah

 

Twister reports the malware is javascript in temporary internet files:

\user\current\Local Settings\Temporary Internet Files\Content.IE5\SLEHUV8F\you[1].js

Comodo won't intercept that...

 

O yea I for got my sandboxie is set up with strict limitations what can start/run and have internet Access may have a lot to do with Not seeing anything occur other then the initial Idiot screen.In fact did not see anything in the DW untrusted other what was there before the test.Looks like DW did not even have to back up sandboxie at all.I also looked over files and registry tracks all normal.

 

PM please?

thank you.


Edit: Do not send anything. I have found with google.

Thanks

 

do you have temp folders file types in image execution control enabled?