after some tests my thoughts.

Discussion in 'other anti-malware software' started by simisg, Sep 24, 2009.

Thread Status:
Not open for further replies.
  1. simisg

    simisg Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    410
    Location:
    Greece
    Yesterday i have made some tests against some new threats from malwarebytes forum.... im really disapointed because : avast,antivir, panda cloud,mse,rising free not really protect my xp sp3 virtual machine (all antiviruses are installed inside the guest virtual system) from infections all these antiviruses detect many threats (not all) but most of the threats passed and after the detection..... i must say that i have run the exes of the malware most of the times. After run all malware exes always find that my virtual system is infected... i must say thanks to malwarebytes , superantispyware, hitman pro,a-squared for disinfect me every time and give me back the control of the virtual machine. Also i must say only threatfire (from the products i test) detect-prevent and kill for true most of the malware.
    After that i believe its nice to detect the malware but must prevent and the infection of the machine also.....
    behavior blockers and hips are the must for real protection!
     
    Last edited: Sep 24, 2009
  2. Lebowsky

    Lebowsky Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    161
    I would say i agree with you on that 100%.
    I dont have any experience with Threatfire though, am checking out their website now:http://www.threatfire.com/features/
     
  3. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    MBAM's still pretty good and probably has the best cleanup after a rogue install.

    MBAM.JPG
     
  4. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    That's because your AV on the host doesn't alert for threats inside your VM. Install your AV in the guest OS as well, then it will work (if it has the signatures).

    /C.
     
    Last edited: Sep 24, 2009
  5. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    If your AV has a webguard that'll of course protect the Guest OS from malicious downloads too.
     
  6. Lebowsky

    Lebowsky Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    161
    Is that what he meant? :blink:
    Maybe i misunderstood, i thought he conducted the test in a Guest Account, and also installed the anti-malware apps. in it, to test them.
    I dont think he meant "if the anti-malware apps. are on the Host OS, why dont they protect the guest OS."
     
  7. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    Even a software firewall on your host wont protect your guest OS. One have to install/activate it in the guest OS as well. Regard the guest OS in the VM as an other physical machine.

    /C.
     
  8. simisg

    simisg Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    410
    Location:
    Greece
    cerxes i have installed all these antiviruses inside the virtual quest system im not a novice user......what are you talking about.... i know how to make a test :) the test is inside the guest os!!!! Im not talking for protection from host os to the guest os. Only some network and web shields can do that!
    I know my english is not good but try to read carefully other time.
     
    Last edited: Sep 24, 2009
  9. wat0114

    wat0114 Guest

    Isn't it easier just to restore to a clean snapshot, or am I missing something?
     
  10. simisg

    simisg Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    410
    Location:
    Greece
    yes but i choose the the hard way most of the times to see the disinfection possibilities......
     
  11. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    malwarebytes is a good desinfector;)
     
  12. Lebowsky

    Lebowsky Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    161
    :D i thought so.
     
  13. simisg

    simisg Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    410
    Location:
    Greece
    other good software i use for disinfection is hijackthis and regrun reanimator
    also snapshots of registry and some antirootkits like gmer
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    cool;) i know by doing the clean up the hard way you get to know what works or what doesnt:D
     
  15. simisg

    simisg Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    410
    Location:
    Greece
    yes! and you learn all windows .dll files :)
     
  16. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    good stuff;)
     
  17. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    I can only speak for avira webguard but see the enclosed screenshot of a malicious url being blocked in the guest with Avira installed on the host.
     

    Attached Files:

  18. simisg

    simisg Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    410
    Location:
    Greece
    this is not our subject open new thread if you want......
     
  19. buckslayr

    buckslayr Registered Member

    Joined:
    Jun 1, 2009
    Posts:
    484
    Location:
    Michigan, USA
    Try Prevx. It seems to catch everything thrown at it.
     
  20. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    O.k, apparently I´ve missed the sentence between the parenthesis somehow. Besides that, your explanation of the intention with your test is hardly crystal clear either so...

    /C.
     
  21. simisg

    simisg Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    410
    Location:
    Greece
    yes prevx is good but not free...... threatfire is free and also catch everything thrown at it(level 4 in realtime protection is better)! also hitman pro is very strong in disinfection
    behavior is the future.....
     
  22. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
  23. simisg

    simisg Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    410
    Location:
    Greece

    some time in the past i have seen this site before.... do you know what this software is? is it safe i dont know nothing about vendor.... an the first page of the site is strange
     
  24. simisg

    simisg Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    410
    Location:
    Greece
    ok nevermind i found a readme from vendor inside i will test it.......... but it has no realtime protection....and no disinfection
     
Loading...
Thread Status:
Not open for further replies.