Discussion in 'General Chat' started by CyberKnight, Dec 4, 2018.

  1. CyberKnight

    CyberKnight is a Verified Warez PosterCyberKnight Registered User

    Apr 5, 2017
    Likes Received:
    Lately, observed members reporting potential virus on program using "VirusTotal" results.
    Some even reported program with detection ratio of <10% (aka >90% clean).
    This make our hardworking moderators work even harder.

    Maybe there should be some guidelines on when to report a suspicious program.

    [1] VirusTotal
    What is a recommended trigger value on the detection ratio ?
    e.g more than 15% of the engines reported potential virus infection

    Anyone has experience on a reasonably safe detection ratio ?

    [2] SandBox Environment

    If [1] (e.g detection ratio > 15%) is met, the member preferably test the program under a SandBox environment.
    From the SandBox environment, changes made can be observed.
    If there are suspicious activities, then it is time to inform Moderators of potential virus threats.

    What do you folks think ? ;)

    SandBox Environment
    When testing an unknown or suspicious program (e.g. keygen, patcher etc), use a sandbox environment.
    Changes are made in this sandbox environment, which is isolated from the rest of your system.
    This keep you safe from unstable & malicious program, part of an adware bundle, or even a virus.
    And all you have to do is ... simply delete the offending article from your system.

    Virtual Environment
    It is more difficult to tell where the changes are made in a virtualized enviroment.
    But it does keep the rest of the system isolated.
    SandBox Environment
    [1] Sandboxie

    [2] Shadow Defender

    [3] SHADE Sandbox

    Virtual Environment
    [4] VirtualBox

    [5] VMWare Workstation
    Last edited: Dec 4, 2018
  2. sxzbisid

    sxzbisid is a Trusted Warez Postersxzbisid DEV Guild Member DEV Guild Reverser

    Jul 11, 2017
    Likes Received:
    I would suggest prioritize reports of serious AV engines instead of detection ratio, there's a lot of "no-name" AV engines on the list reporting every exe packer ever used for a malware.

    And what is serious AV engine? I vote for Eset, Kaspersky, Avast, BitDefender and AVG.