another test:)

Discussion in 'other anti-malware software' started by jmonge, Feb 3, 2009.

Thread Status:
Not open for further replies.
  1. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Einsturzende, fair enough. Those are your thoughts and I'm sure PrevxHelp will take those on board.

    Post in the Prevx thread, eg. if a trial was to be offered, would 7 days be reasonable? I think it was discussed in the early stages of the prevx edge product.
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    At every possible point, we make it crystal clear to the user that Edge will not block malware during the evaluation so users are made well aware of what its purposes are. What about the millions of users who are using expired versions of AVs installed by the OEM, thinking that their computers are still secure and protected against new threats? The conventional AV trial version is illogical for users so we want to give users value for an unlimited amount of time.
     
  3. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
  4. Einsturzende

    Einsturzende Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    390
    Location:
    neubauten
  5. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    All cool, no harm in repeating your earlier request. :cool:
     
  6. Einsturzende

    Einsturzende Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    390
    Location:
    neubauten
    So did "you" warn users that prevx is a supplemental product ONLY and should not be used alone (at least in trialing mode)?
     
  7. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes, on installation, Edge shows the message:

    "The Prevx Edge Evaluation Version provides a time-unlimited trial of its features. During the evaluation, Edge will identify threats in realtime but will not prevent them from loading."

    and our website says, on the Edge product page:

    "During the evaluation, Edge will identify threats in realtime, but will not prevent them from loading. This means you can have Prevx Edge installed on your system, always monitoring and offering peace of mind, free of charge."

    I've replied to Saraceno in the large Prevx thread here: https://www.wilderssecurity.com/showthread.php?t=225190&page=74

    I hate being generic in my responses, but I don't want to end up being misquoted :) We are actively working on making our evaluation as user-friendly as possible but I can't say anything yet as nothing is written in stone.

    (FWIW: It may be worth continuing this discussion in the Prevx thread, just to keep this one on topic :D)
     
  8. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Google has delivered. This time when searching for 'anti malware'.

    This champion personally recommends spyware detector. He has graphs and videos showing it in action.
    compareantispyware.jpg
    graphs.jpg
    spyware detector.jpg

    This one popped up in the sponsored links.
    malwareremovalbot.jpg
     
  9. Einsturzende

    Einsturzende Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    390
    Location:
    neubauten
    That is a logical conclusion to my question above, but people are hmm... illogical. As a security company, securing your users should be your first goal, shouldn't it :eek:. So please add a "supplemental only in evaluation period" warning. I would even add detection of the main 3rd party antimalware for assurance; however weird that may be, it is not weirder than your removal-less trial.
     
  10. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Testing a-squared, of the three, only one installation file was identified as low risk.

    I'll see how the first one installs.
    a-squared.jpg

    Edit update:
    Spyware detector is listed in a-squared's malware database as a moderate risk, but it isn't detected by A2 free. Not sure why.
    http://www.emsisoft.com/en/malware/?Adware.Win32.SpywareDetector

    CureIt, AVZ tool and prevx edge haven't got this one listed as a problem. Did a full scan with each, and A2. As far as I can tell, the 'rogue' program installed some adware junk to the IE browser.
    spyware detector - installs adware.jpg

    Malware removal bot, the installer was picked up by A2, but once running, isn't detected by A2, CureIt, AVZ tool or prevx edge. Gave some activex alerts, either installed these, or is just listing fake alerts, and pushed to purchase the program.

    malware removal bot - scan.jpg

    Both use massive amounts of CPU and RAM. If a user installs these, they can see their computer and patience burning out. This is the resource usage when both were loaded, but started to increase much higher as each minute ticked by. Full 2GB of ram was used up within about five minutes of installing.

    resource usage.jpg

    Some other tools users use here might pick these up. They are 'crudware'. Just junk conning people out of their hard earned money.
    Someone might want to take a closer look at spyware fighter, which is doing the rounds on google.
     
    Last edited: Feb 8, 2009
  11. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Another update, selecting a quick scan with MBAM picked up the Malware Removal Bot.

    This just reinforces what's being said every day here. No one program is 100 per cent effective. You need a layered approach, relying on more than one tool/program, to ensure a system is clean.

    MBAM.jpg
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    This is nice ;) Mb, and did you try A2? Thanks for the screenshots :thumb:
     
  13. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    jmonge, A2 picked up the installer of malware removal bot (which is a success - as a user would remove this right away), but after it was installed and running, didn't detect it.

    A2 lists spyware detector in its database as a moderate risk, but didn't detect either the installer or the active running program. But this is just the free version I'm using. :doubt:
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Ah, I see :thumb:
     
  15. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Twister detects 2 trojans in Malware Removal Bot as soon as you start installation. They are unpacked in temp file and then Twister halts the installation:

    1.png

    2.png

    On the Spyware detector, the only alert is about an autostart registry entry, and Scotty about a service. But such alerts won't make someone suspicious if he thinks it's a real program. It's a fraud tool: it "found" spyware on my PC and said that only registered (aka paying) customers can clean it.

    I really don't know if such non-malicious programs should be flagged by AVs. I mean, I don't know if it's the job of an AV to protect you from "phishing programs", since they come up like fungus, without, though, hurting the PC.

    Maybe they're more in the antispyware field.
     
  16. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    True. As long as they aren't deleting valuable info, causing bootup failures, and most importantly, can be uninstalled cleanly, then it's mostly the job for an anti-spyware product.

    But at the same time, it's good to see AVs and programs that say they focus on 'spyware' still adding a majority of these programs. Good job with Twister.

    These 'rogue' and 'phishing' programs aren't a problem if they appear 20 pages along in a search engine. They are a problem however, when they appear as the main sponsored link, and are paying $$ to stay at the top. :)
     
  17. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    I do hope you send these in with PX n other vendors u tested with it but failed
     
  18. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Someone should inform google about this problem. Hopefully they will respond by removing these scum from their engines and getting them shut down.
     
  19. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Trojan-Downloader/W32.Zlob.816348

    AP.JPG
     
  20. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Good find there Franklin. And a nasty surprise with it. I'll post the website screenshot of that program in case anyone is interested.

    Did you test spyware fighter, or is it just a phishing scam?

    adware pro.jpg
     
  21. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    GES/POR, I'll make a list of problem urls in the next day or so. If these pages still exist in a couple of days, I'll start sending the links through to the AV companies.
     
  22. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Here is another one, high up in the sponsored links.

    Search term, 'malware remover'.

    adware bot.jpg
     
  23. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Adware Bot? Twisted too!

    1.png

    2.png
     
  24. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Page.JPG

    HDSweep.JPG
     
  25. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Came up clean at Virus Total and seemed to behave in a VM but some rogues do behave in a VM.

    Can't say either way whether it's a rogue as all I'm capable of is basic testing and it needs to be looked at by experts to ascertain its true nature.
    SF.JPG
     