
yfdyh000/AV_Detection_Dump

 
 


Antivirus Detection Dump


About

This project contains the CSV files of malware detection names from antivirus software, and a PowerShell script for dumping the detection entries.

Getting Started

Each subfolder contains dump CSV files named with the vendor's name and the date. Files whose names end with BASE contain names from a vendor's scan engine; the others may differ depending on the source of detection (e.g. behavior protection).

Prerequisites

To run the PowerShell script:

  1. Download Windows Sysinternals and add it to PATH, or install it from the Microsoft Store.

  2. Disable PPL (Protected Process Light) using PPLKiller.

  3. Disable the Self-Protection Module of the AV if possible.

Usage

powershell -executionpolicy bypass -File .\AV_DUMP.ps1 $Name

List of Supported Vendors

| Name | PPL | Need to Disable SP | Detection Source | Accuracy |
|---|---|---|---|---|
| Huorong | No | No | BASE | High |
| Kaspersky | Yes | Yes | BASE, PDM | Medium |
| Malwarebytes | Yes | No | BASE, DDS | High |
