Search - "av review"
~ Freelancer.com Week #1 ~
Project: I need someone to debug an application's code and review it. Budget 30 bucks.
Bid: I am an experienced developer I can probably review it in an hour.
client: Hi, need you to check if app is contains virus [link to scam website]
me: sure, download supposed "social Bitcoin miner" and run some AV tests...8+ positive flags for a Trojan virus.
>Me: It's a Trojan virus mate it's not legitimate😟
>Client: Can you remove the Trojan virus so that the legit bot stays?
Me: Umm there is no bot mate it's just a virus 😕 I wouldn't open it outside a sandbox
Client: But here it says Bitcoin faucet bot [links shitty how-to youtube video]
Me: 😒 it's not real dude you are about to get scammed, I can test it in a VM if you. . .
Client: I opened it already, it's working
Me: 😮 r u sure?
Client: yes, can you install VM for further testing?
Me: sure, in your computer?
Client: yes
Me: just download the windows image and text me when it's done
Client: My disc is full! Only 3 gb left
Me: 😑 call me when you clean it
Client: [ offline ]
"Suggest an AV/AM product, Avast refuses to install."
I do malware research as a hobby and have for a while, so I can generally spot when something's up before I even run a program. If I'm unsure about it (or know something's up and wanna see its effects for S&Gs) I throw it into one of a variety of VMs, each with a prepped, clean, standardized "testing" state.
I see no point to AV/AM products, especially as they annoy me more than anything since they can't be told not to reach into and protect VMs (thereby dirtying up my VM state, my research, crashing the VM hypervisor and generally being *really* annoying) and they like to erase samples from a *read-only, MOUNTED* VHDX.
However, normal people need them, so I usually suggest this list:
• MBAM is good and has a (relatively) low memory footprint, but doesn't have free realtime protection.
• Avast is very good as it picks up a lot, but it eats a FUCKTON of resources. It also *really* likes to crash VM hypervisors if it sees anything odd in them.
• AVG is garbage. Kill it with fire.
• Using Windows Defender is like trying to block the rain with an umbrella made of 1-ply toilet paper.
• herdProtect is amazing as it's basically a VirusTotal client but it's web-based and not currently available to be downloaded. (Existing copies still work!)
• Kaspersky. Yes, it spied on US gov't workers. No, they don't care about anyone BUT US gov't workers. Yes, it's pretty good.
• BitDefender: *sees steam game* "Is this ransomware?"
hope this helps