tested AppRanger

Discussion in 'other anti-malware software' started by jmonge, Aug 31, 2008.

Thread Status:
Not open for further replies.
  1. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    today i tested AppRanger with real Virus and without virtual machine and passed with flying colors:thumb: first time i tested with a new virus anounce by CNN.
    part of email i got is this:"Hi All, I checked with Norton Anti-Virus, and they are gearing up for this virus!

    I checked Snopes (URL above:), and it is for real!!(i deleted the link)
    this virus is very active,appranger block it with no problem.

    Get this E-mail message sent around to your contacts ASAP.

    PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS!

    You should be alert during the next few days. Do not open any message with an attachment entitled 'POSTCARD FROM HALLMARK, regardless of who sent it to you. It is a virus which opens A POSTCARD IMAGE, which 'burns' the whole hard disc C of your computer. This virus wil l be received from someone who has your e-mail address in his/her contact list. This is the reason why you need to send this e-mail to all your contacts It is better to receive this message 25 times than to receive the virus and open it.

    If you receive a mail called' POSTCARD,' even though sent to you by a friend, do not open it! Shut down your computer immediately.

    This is the worst virus announced by CNN. It has been classified by Microsoft as the most destructive virus ever.

    This virus was discovered by McAfee yesterday, and there is no repair yet for this kind of virus. This virus simply destroys the Zero Sector of the Hard Disc, where the vital information is kept.

    COPY THIS E-MAIL, AND SEND IT TO YOUR FRIENDS. REMEMBER
     
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i open the postcard virus and AppRanger alerted me that it was block.
    i was very curious and i wanted to tested taking the risk:D i wanted to try sandboxie but i was scared that it may scape the sandbox.then i decided to test appranger and it passed with flying colors.all my family was here watching the show. also tested againts spyware.exe and Antivirus 2009 so yesterday i went to the dark side and found something like spyware.exe something like that and antivirus2009 and also passed.
    to bad i dont kmow how to make screenshots of the test,i am going to learn so i can post them here.
    note:i only use appranger,winpatrol plus,spywareblaster and defensewall.
    i didnt test defensewall yet but very soon i will.:thumb:
     
    Last edited: Aug 31, 2008
  3. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,215
    If you start testing malware, you ought to have a clean image of your system preferably on a USB harddrive, disconnected from your computer while you're testing.

    I just assume you don't, because of your signature. Even if you are careful mistakes can be made while testing malware.

    I use Gmail which scans for viruses. Infected e-mails are automatically deleted. Thanks for the warning all the same.
     
  4. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    yeap i know,i was brave and in a mood to try it kind of naked:D
    next time i will use returnil and yes i have a file back up for my important files and pictures.but thanks for the advice.
     
  5. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    This will help with your screen-shots: :thumb:

    FastStone Capture (free/full edition)
    http://www.portablefreeware.com/?id=775

    It's good to know you tested AppRanger against Antivirus 2009, as that has caused users many problems.
    The 'postcard from hallmark' email however, might only be a 'hoax', and not a legitimate virus. Emails similar to it can be a virus though. See:
    http://urbanlegends.about.com/library/bl_postcard_virus.htm
    http://antivirus.about.com/od/emailhoaxes/p/postcard.htm


    Then there is other info on the internet saying it is a virus:
    http://www.teknoids.net/?q=node/8114

    Anything resembling an .exe from an email could cause unknown effects.

    See if you can take some screen-shots of AppRanger against Antivirus 2009, as many AV products still can't detect/remove it, and users would be interested to see the alerts AppRanger gives.
     
    Last edited: Aug 31, 2008
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,040
    These statements are the classic signs of a hoax. Can you post a link where McAfee confirms it. Also I'd love to see where Microsoft classifies any Virus.

    Back to reality
     
  8. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    BIG VIRUS COMING !!!
    PLEASE READ & FORWARD !!!

    http://WWW.snopes.Com/computer/virus/postcard.asp
     
  9. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    The logo atop the snopes site clearly states that it is RUMOR -- not facts supported by evidence. Even if this rumor eventuates as valid, this is NOT the way to post this sort of info IMO. Bloody close to useless FUD, if you ask me.
     

    Attached Files:

  10. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    so you are saying that the postcard email that i opened was fake?
    so the test was block cause was fake?
    i was ask to post the link here.
     
  11. frstplce

    frstplce Registered Member

    Joined:
    Aug 18, 2008
    Posts:
    2
    If you actually bother to read the entire page on Snopes, you will find out the email isn't very accurate.
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i thouth so , i heard of this attack before,to be honest i was realy scare:D
    but what the heck i like to play around with this kind of attacks.
    also i tried the antivirus2009 that was fun:thumb:
     
  13. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    So I think any HIPS with Direct Disk Access control should stop it.
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    yes indeed cause hips are able to get the unknown:thumb:
     
Loading...
Thread Status:
Not open for further replies.