Malware Defender 2.2.0 beta

Sorry I could not understand. Can you explain a bit more pls? Thanks

 

if you run a new file or a file that was saved and if you have the denny rules write/delete/modiffy then the action will be denny cause of the rule(denny)doesnt matther is the file is new to system or if you saved it and then run it,it will be block for any changes sorry for my bad english

 

You should because tzuk and xiaolin face the same PatchGuard hurdle. Can 64-bit versions of MD or Sandboxie (or any HIPS/sandbox app) be as effective as their 32-bit versions? Apparently not, based on my reading of a recent post by tzuk in the Goodbye Sandboxie thread (emphasis mine):

"I don't hate 64-bit. I tried to support 64-bit a few years ago but then Microsoft revised 64-bit Windows to be even more restrictive towards security software.

So at that point I needed to decide if I'm going to be like many security software makers who silently disable some (or a lot) of the security features in their 64-bit products, just so I can still offer and sell Sandboxie on the new platform.

And I decided against that. Instead I'm saying that it's not right to restrict the Windows platform this way, and that I'm not going to support that. If you're not part of the solution then you're part of the problem, right?

Another reason is that I don't want to be in the position that I offer a security product which can be easily circumvented, and I can tell you that this is absolutely going to happen with 64-bit Sandboxie, because all these new restrictions prevent Sandboxie from being able to monitor/supervise some very important things.

I know this does happen with anti-virus products (and has been happening for years) that they are disabled by viruses, and is accepted as a fact of life. But I'm not going to put my name on a product that ends up being a joke.

If I do end up having to port Sandboxie to 64-bit then it will be under a different name so it doesn't taint the Sandboxie brand with promises about security that it can't possibly deliver.

Of course, if the restrictions are removed, then I will be happy to resume full support for the 64-bit edition of Windows."

 

interesting. there are already a couple of other security products with 64-bit versions which I am interested in. which are Deep Freeze and Kaspersky 2010 with its HIPS and Sandbox. So it is possible to have 64-bit security product versions in the market.

If it is true about Microsoft making all these restrictions on 64-bit operating systems making it harder for security products to work properly, then I wonder how well Kaspersky 2010 is working with its hips and sandbox?? I think we maybe need to test it. Kaspersky 2010 could end up being later on the one and only Best HIPS and Sandbox for windows 7 64-bit lol. But I would'nt have any file and folder rules

 

But did you compare protection strength of their 32 and 64-bit versions? Why do you think it's the same?

 

It kinda looks like I will be stuck with 3.5-4 GB Ram through out all Eternity

 

The developer have to use user mode hooks to implement some protections. There may be no way to protect these protections from being bypassed by malware.

 

hi xioalin any new updates?thanks

 

for sure not signiture updates

 

From this poll it looks like 64-bit version will be more popular as soon as windows 7 arrives.
https://www.wilderssecurity.com/showthread.php?t=246329

xiaolin can you elaborate on what RULES in MD will be weakened in strength
in a 64 bit version?

Ilya Rabinovich and other vendors feel free to post, I want to know how windows 64 bit is going to weaken security products in terms of what abilities
they will be limited to.

For example is security products still going to be able to block Root kits installations?

are they still going to be able to block programs from Executing??

 

Hi xiaolin

1. Is Malware Defender able to detect FUD keylogger, Trojan and so on?
2. Is Malware Defender able to protect users from stealer program such as iStealer?

Thanks

 

For those who haven't read tzuk's (SandBoxie developer) take on 64 bit, here it is:

The guy is not simply ranting over nothing. Clearly he is brilliant on technical matters concerning Windows security, so these statements carry a lot of merit. If you read what xiaolin posted earlier, one could conclude there is a correlation to tzuk's statements citing similar concerns about the limitations of 64 bit Windows on security software.

 

It, mostly, depends on the ways vendors use to bypass PatchGuard limitations. Many are using application-level hooks can be easily bypassed.

 

Brand integrity will pay off in the long run

 

I think you should change product name. It sounds like too much of another rogue security product called Malware Defender:
http://www.bleepingcomputer.com/virus-removal/remove-malware-defender-2009

 

you mean malware defender2009

 

Yep and I have a bad feeling it will release Malware Defender v3 soon.

 

ah i see

 

this malware defender2009 Rouge annoys me, it is an insult to MD.

I have Been giving MD a little exercise today and testing it with some Kill Disk Trojans Guest sent me. as expected MD did a good job. One of them I tested was the one which bypassed Returnil Pro and according to virus total only 7 out of 40 AV's detect it lol.

 

I also witnessed Returnil being bypassed by a few KillDisk / Klone malware in other tests.
What about Defensewall and Sandboxie? Do you test them too if it's possible?

 

No but others have tested sandboxie so it passes.

I haven't tested defense wall either But I think it would pass.

I have only tested MD and Deep Freeze.

 

did MD passed your test?thanks

 

Yes and deep freeze also passed my 3 Kill disk tests.

 

cool i knew it it will passed