New Maymoons's Test: Killdisk Malware VS Behavioral Blocker

This is special station for this test.
i want to see how many people download files, which software is popular.

i will upload one file next test.

But i want to little insight for this test.

Thank you. wait my new test. you can use vlcplayer or k-lite codec pack (for the your problem)

sory for you.
i prefer, you download it and show conc.

i have same problem. i am uploading them max 25kb/s. i can upload all files 3 hours. and i cant download anythint this 3 hours.
But i am searching better presentation.

i posted screenshoot my old threat, some peoples sad that "too many screenshoots, like hell"
i was angry. anyway.

i want to transparent test, i want everybody can see all story.

i dont sale anythink, somebady can want download it, somebady cant want.
i cant to satisfy everyone.

You can sure, videos size are too small for 20-30 minutes.
if you download it you can see without any problem
youtube has a stop-play, stop-play problem with the large files.

i uploaded malware collection (5 gibs)
Av vendors sad that "please upload them again to ours ftp"

i uploaded test reports
Members sad that "i wont download them"

i have too hard life

 

Check it doesn't interferer with DefenseWall.

 

Ok, first to thank you guest, so thank you for testing, second I have request for you, could you please test Kaspersky IS 2009? (latest v.506) (please see intriguing screenshot)

 

From 3xist;

Thank you mate. i like Comodos fans. Comodo has many good fans. It will be on the race always

 

Hey guest your doing Good man.IMO the time it takes to extract and watch a video or two is not a big deal with Broadband,however dialup user would suffer and probably would give up after the first.I trust your findings enough if you where to just report as your findings minus the video.

 

You trust. Others

i wont do test with kaspersky. Sory. I have no more time for this category. i am preparing new test.

@Ilya Rabinovich, Defensewall is too popular

 

Maybe you can send me samples to test in vmware myself? I have and can find some samples of killdisk from offensivecomputing but they are not the same

 

sory, i cant send malware files.
i am sending malware only av labs.

And kaspersky for Vista hasnt Low level disc access. (i remember, am i true?)
this is not good for the kaspersky user.

i want to test jiamin AV tonigth. (for myself)
its look like good.

But if i find time, i will test kaspersky for you.

 

Interesting testing guest. It's good how you show you don't take shortcuts, rebooting when necessary, waiting for the program/settings to load.

Only had time to look at a couple tonight, will check more later today.

Mamutu's paranoid mode does seem to make a difference.

 

And DefenseWall, how awesome a program is it?

Great work Ilya.

 

yes, you are right, on Vista to gain "designed for Vista" (or something) logo they must to comply to MS "guidelines" which forbid that kind of "defense" on Vista, and I agree with you " this is not good for the kaspersky user"

Edit: and please do test it if you find some spare time, many thanks

 

Mamutu's paranoid mode has too many alert.
How can user decide its important or it isnt?

i think, it dont give userfriendly message. sad that "suspicious" why? any detailed information? there is no.

 

Just checking out threatfire guest! My wireless connection is a little slow tonight.

 

TF performed fine and without the update database. Maybe it's irritating that doesn't have the "block" feature or that isn't as light as Mamutu, but i have always found it more convincing in default settings. (Mamutu in paranoid mode becomes noisy like a classical hips).

 

Perhaps you could try DriveSentry as well?

 

Guest did that (1st page).

I had installed DS some time ago (when Katie first appeared in the forum), but i had several bugs and most of all, constant CPU usage, which for me was unacceptable. See my post here:

https://www.wilderssecurity.com/showthread.php?t=209764&page=3


Since then they have launched many new versions, but the whole community thing doesn't appeal to me. And last i read, there was a memory leak. So, maybe i will try it again in the future, when it's more mature. But as long as i can have good security with very little CPU usage , i will avoid community based software (i run TF without community support too).

 

I agree. Mamutu on paranoid isn't acting as a behaviour blocker anymore, it's more noisy than a classical HIPS, so you 'd rather run a classical HIPS.


Speaking of which, Comodo with default installation options, got busted, as expected. Since overwriting the MBR can be catastrophic, maybe Comodo should consider activating the "direct disk access" in default installation options. This made all the difference between the first and second part of the testing.


Good tests, interesting for any user.

 

Hi, Ilya.
Thanks. But I have already disabled DW and it makes no difference.
Hugger

 

first 10x alot for your time mate , u do a good job!

for Mamutu lovers , it screw up in all 4 test.
when it set to paranoid mode , its screw "only" one trojan

 

I have to agree with Peter, if the results ain't 'in my face', I'd rather just not bother.

I certainly don't have a few hours to download some rapidshare links, some of us lead busy lives too.

 

And I dont like your comment nor Peter's reason...

 

Looks like you are not the targeted test object.

"i want to count download, per by software... i am needing software popularity rate."
Stand in line and download your favorite video now!
Seems like someone has his head in the clouds.

Cheers

 

I really enjoy reading your tests Guest, thumbs up for you

 

Yeah, really disappointed in Mamutu. For such a fancy program I would have thought it provided much better protection without using paranoid mode.

Mamutu

 

Just wondering?

I have bought A-Squared antimalware which his Mamutu built in.

Now when I was testing it did not give any alerts at all when run in Sandboxie. I let some malware run in Sandboxie and did not see a peep from IDS behaviour blocker untill Avast was warning me of malware via its SMTP scanner which I had not paused.

However when run under normal Vista I have seen plenty of IDS behaviour alerts.

I just wondered whether Mamatu runs properly under a virtual enviorment?

Cheers

Jlo