Malwarebytes Anti-Malware 1.00 Final {1-21-08}

In my search for AVG A-S replacement, I decided to try this one as it was recommended by a fixer.

To my disappointment, there is no way to test the real-time protection, and how it affects system performance, without paying!

There's only a button to "test" whether your system is compatible or not (or something). Hardly a proper test to evaluate real-time protection.

 

MBAM- fully updated
AVG AS- not fully updated
ST- not fully updated

 

Interesting....

Would you mind testing SAS v4 not updated and one with the latest updates?

 

Almost same results( not checked thoroughly), update and un-updated, in both cases.

 

Malwarebytes' Anti-Malware detects malware 1000% better when they are installed and in their proper locations.

 

May be you are right.

Actually it was not possible for me to install so many smaples and then scan and interpret and and ..... It,s beyond my limitis ATM.

But it,s the job of a scanner to stop the malware before it is installed. So i am not sure how MBAM will stand here when u execute these malware.

 

I would be glad to add all of these to the database. They are older samples correct? Feel free to send them to me if you wish. I can be contacted from our website.

 

Good job aigle!

Your test results didn't surprised me at all.

I ONLY use the AV/AS scanners to test my Security setup.
Since a long time ago, I haven't based my Security on the
AV/AS scanners; especially the free ones...

 

@rubber ducky: what about the lack of trial for real-time protection? You can not expect people to properly evaluate it based simply on that "test" button in the free version. It gives no clues as to how it would affect other software and system performance in general.

 

U can PM me if u like.

 

This is Bruce Harrison , the person most responsible adding definitions to MBAM .

It would be far more helpful to have the links to sites currently installing this missed malware . If these are from other sources like P2P malware or other current install vectors please let me have them as well .

If these are from long dead attack vectors one wonders why a new antimalware company would spend a lot of time defending against malware that our users will never come in contact with .

If we were a lesser company we would download the hundreds of thousands of dead infections so we could claim to have a huge database that in truth would defend against nothing more than the one we have .

I have no plans to take any steps to pass tests based on anything other than what our users will actually be attacked by in the real world .

 

@lordpake: we are still working on a trial version.

 

okay

 

Oh, and if somebody purchases it and they do not like it, or it is incompatible with their current setup, we will offer a full refund.

 

Many of them might be old but some are just recent, I got from infected PCs here, they are missed as well. I am not an expert and not interested in any tests etc as well. Just one user requested and i scanned my collection. I though I might share it here, may be my mistake.

If u want the samples, PM me.

 

That would help a lot .

Your location indicates one possible issue .

I wonder if some of these samples are regional .

Im am pinging you my personal email .

Please zip and send only the samples that you have taken from recently infected machines , if possible .

 

PMed u the link. I can,t sort them, that,s upto u.

 

Thanks for the samples .

Having them unsorted will be a problem though .

It forces me to choose between adding defs from malware I collect from my current sources and research and adding defs just to make us do better on your test .

 

Some samples are not even malware, there are POCs, leak tests, utilities and corrupted samples as well but most are real malware. But please just go on with ur preferences. It,s ur expertise n field. No more tests from me. Let,s wait for some real users experiences.

BTW here two are very common:

Brontok worm( data moon.exe in the samples).
Perlovga/ copyself worm

Both use USB flash sticks to spread. Both are not detected. Check the folder 'USB hidden' worm also.

 

A new version has been released today:

Version 1.07

1. (FIXED) Items in Swedish translation.
2. (FIXED) Minor problems with scanner.

 

very interesting screenies aigle. it looks like that AVG detects the most malware
in your collection even a lot more than super antispy ware. I thought super anti spyware was much better than that.

aigle where do you get all that malware from and how do you contain it?? because I want to do some tests of my own with some other anti malware products.

 

Since Malwarebytes Anti-Malware was tested when it first came out (version 1.00), it would be a good idea to retest it because the latest version is 1.07 and many updates and improvements have been made since 1.00

 

That is only half of the issue here though .

We will not be adding defs that have no ability to protect our users . The only test I care about is one that involves real malware from real computer use on todays internet .

If its been dead for years then why would we go after it ?

There are many antimalware applications with defs in the hundres of thousands that will not stop malware that can be downloaded today .

@arron If you do make sure to make it clean that it is a legacy malware test and does not reflect the software's ability to protect against todays threats . That is you use the same samples used in this test . Tere were samples from as far back as 1998 .

 

As I said before I am not going to test any more. Infact it was never a test indeed.

I agree with that.

 

A collection over last two years. They will not harm unless u click them. But of course I keep them tied with ropes.

Zipped with password or in folder marked untrusted with HIPS/ Sandbox etc.