MRG Team performes their first Real Time test!

Discussion in 'other anti-malware software' started by Astech, Aug 4, 2009.

Thread Status:
Not open for further replies.
  1. CogitoTesting

    CogitoTesting Registered Member

    Joined:
    Jul 4, 2009
    Posts:
    901
    Location:
    Sea of Tranquility, Luna
    CoolWebSearch. Yes indeed I could not believe it as well. Soon you will see more than screenshots; you will be able to see videos of these coming tests. CoolWebSearch is a known spyware and yet Norton recommended it to install as a safe application. Anyway I do not want to be out of subject here since this particular thread has to do with MRG real-time test.

    More info coming soon, this month actually we will start publishing our video tests. However, by what we have tested thus far with a sample of about 70 malware I could tell you that the common denominator between most security software have to do with rogue. Rogue software give most security products a lot of headache. This is quite worrisome.
     
  2. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Okay, thank you for clarifying - I think I understand what you mean. I'll report your findings at their official forum right now. I'm looking forward to your testing so I can see what's actually happening. Keep us posted!

    Best regards.
     
  3. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    I've said this before, but a lot of it is down to classification and understanding what the rogues are actually doing. Some anti-malware programs are better than others at dealing with these; many AVs will tell you the files don't contain malicious code, and they often don't. It's their intention which is the worrisome bit and the problem is how best to detect "intent".

    The applications need more analysis to get a rating of fraud/rogue, but some don't get listed as such by some AMs. Often these rogues have buggy code, but their main objective is to get you to part with your cash to fix supposed errors. Add to that the many variations that appear on an almost daily basis so it's hard to keep up if AMs don't already detect them.
     
    Last edited: Aug 5, 2009
  4. GreenWhite

    GreenWhite Registered Member

    Joined:
    Nov 23, 2004
    Posts:
    110
    Nice to see Mamutu blocked all 22 as well.
     
  5. Astech

    Astech Registered Member

    Joined:
    Jan 17, 2009
    Posts:
    67
    In addition they tested Mamutu, iOrbit 360 and Online Armor++ :)
     
  6. CogitoTesting

    CogitoTesting Registered Member

    Joined:
    Jul 4, 2009
    Posts:
    901
    Location:
    Sea of Tranquility, Luna
    There was a time, not so long ago, when AV companies ignored spyware, but not anymore. However, most of the AV companies have short memories, they are actually dragging their feet with respect to rogue applications. Hopefully sooner rather than later they will wake up from their slumber and deal with these nasties. Please just imagine how tougher life would be without products like MBAM and SAS.
     
  7. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    It appears that they will continue adding more programs to test. That's good.:thumb:

    I was curious to see how IObit Security 360 would fare.
    Really not bad considering it's new and in beta.
     
  8. Astech

    Astech Registered Member

    Joined:
    Jan 17, 2009
    Posts:
    67
  9. Atomas31

    Atomas31 Registered Member

    Joined:
    Sep 7, 2004
    Posts:
    923
    Location:
    Montreal, Quebec
    +1 on this one:D I really hopes that they will test Malwarebytes ...
     
  10. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    I'd also like to see MBAM agree and be tested.
     
  11. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    And threatfire to compare with mamutu.
     
  12. Astech

    Astech Registered Member

    Joined:
    Jan 17, 2009
    Posts:
    67
    Yes +1:D
     
  13. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    Why wouldnt they agree? Which AMs are being tested, have any others backed out?

    Puss.
     
  14. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    Has anyone seen mamutu in a test? I saw a small test on youtube - using a tiny number of malware examples, but have not seen it in a propper test. I like the idea of somethging that does not rely on signatures as I run shadow defender all the time.

    Puss
     
  15. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
  16. Astech

    Astech Registered Member

    Joined:
    Jan 17, 2009
    Posts:
    67
  17. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Due to the nature of the product, their decision is valid.
     
  18. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    I fail to see that - its a rogue test, not an AV test.

    Lets face it, MBAM is useless and they wont allow anyone to test it against other AMs because it will come last.

    Marcin, their CEO has stated here at Wilders that MBAM is a full antimalware - clearly, it is not and they know it.

    In essence, they are admitting MBAM cant compete with AVs in detecting rogues.

    Its time for MBAM to be written off as a serious security product.

    Puss
     
  19. Astech

    Astech Registered Member

    Joined:
    Jan 17, 2009
    Posts:
    67
    I was under the impression that Malwarebytes is good at detecting rogues so I don't see they they pulled out, I guess I was wrong.
     
  20. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782
    It is,at least in my experiance with MBAM.

    I don't know why they would'nt allow MBAM to be tested.
     
  21. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    The statement given by MalwareBites for not participating in the test is on the MRG forum.
     
  22. CogitoTesting

    CogitoTesting Registered Member

    Joined:
    Jul 4, 2009
    Posts:
    901
    Location:
    Sea of Tranquility, Luna
    Yes indeed MBAM can compete against any antivirus product when it comes to rogue and MBAM will win by a mile. MBAM as well as SAS are dominating the anti-rogue field. If you do not belive me ask Symantec support.

    MBAM has always been a complement to an antivirus; not a full security on its own.
     
  23. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    Clearly, Malwarebytes do not share your views on this matter as their statement clearly shows.

    I find it interesting to note that their CEO stated here at Wilders on May 2nd, 2009:

    Our product is a full anti-malware tool that scans for Trojans, Worms, Spyware, Adware, Dialers, Rogues, and a limited amount of viruses

    Marcin Kleczynski
    Malwarebytes President and CEO


    See - https://www.wilderssecurity.com/showpost.php?p=1459329&postcount=172

    Further to this, on May 2nd, 2009, one of their researchers, Ade gill stated:

    “What has'nt been stated yet is that MBAM realtime Protection module is capable of blocking the active malware it removes. So there is a correlation between high clean rate and high blocking rate. The problem is the static file recognition is not good but the software comes into its strenght when the malware/infection process is started or already active”

    Ade Gill
    Malwarebytes Researcher


    See - https://www.wilderssecurity.com/showpost.php?p=1458982&postcount=161

    It is clear from these statements that they are saying:

    1) That MBAM is a full antimalware and that it is designed to detect rogues.
    2) That the MBAM realtime Protection module is capable of blocking the active malware it removes AND that there is a correlation between MBAMs high clean rate and high blocking rate

    Given these statements from the company, it is a fact, based on their own description of their product and its capabilities, that it would have been well suited to the test. It is also a fact therefore that the reasons they give for not participating are false.

    I find it amusing to note that on May 2nd, 2009, their CEO rather arrogantly stated here at Wilders:

    “As the owner of a company that I know will outperform a-squared anti-malware in a live test I am just sitting here with a huge grin knowing they had to resort to this”

    Marcin Kleczynski
    Malwarebytes President and CEO


    See - https://www.wilderssecurity.com/showpost.php?p=1458372&postcount=75

    Its interesting to see that when it comes to actually having it tested in public, he backs down and wont allow it.

    Clearly, they dont want to have someeone call their bluff and show MBAM up for what it really is.

    Puss
     
  24. CogitoTesting

    CogitoTesting Registered Member

    Joined:
    Jul 4, 2009
    Posts:
    901
    Location:
    Sea of Tranquility, Luna
    Hi Retadpuss

    I will be testing MBAM as well as other anti-malware software like SAS; and I will be able to see whether or not MBAM or SAS has good blocking and detection capabilities i.e. can stand on its owns without other anti-virus product. In all likelihood CogitoTesting will publish all its tests within two weeks. Like I offered before if you or anyone has a softeware that they would like CogitoTesting to test please send me a private message at Wilders Security.
     
  25. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    hi, regarding HIPS test i think you must allow first alert that is the execution of malware and deny all the other alerts thereafter and should see if malware can damage the system or not.mere presence of malware files should not be a fail for the HIPS.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.