Interesting Emsisoft Tests

@emsi: plz recheck the files you used. I looked a bit at the md5 list you posted, and from a first check at least 2000 files are very probably junk (incl. known junk from the year 2006..), which are unprobable to be really worth detecting or present in a test-set. so, the files does not seem to be all that new, you can even check yourself some md5's on virustotals hashsearch and see that some files were uploaded already months ago (when also ikarus/emsi) did not detect them. where do those files come from? some few appear to be most probably manually unpacked and therefore most probably from some av vendor collection (or at least not real world user).
i would too suggest to remove mbam, sas, etc. and eventually re-do the test after having removed (at least the obvious) junk files.

yeah, that's why i do not understand why some people think its a great thing if a vendor adds 5 million "signatures" in a week, but its product is unable to detect replicating stuff like Virut. number of signatures say nothing; well, maybe it says that if a vendor needs too have many signatures it has poor heuristic/generic detection

 

Ye you are really great etc. But besides this: you complain a lot here that testing MBAM this way is kind of unfair. So why do you want to make a headsup between a2 and MBAM by determining which program detects more running malwares? If I got it right a2 is designed to prevent malware from running on a computer. So that way of testing would be even more bullshit?

And honestly, I prefer malware not to be on my computer instead of killing active infections. The insecure feeling whether there really is no active pests running is just bad. Up to this thread I always thought MBAM is a really solid program which I was using a lot... but both the test and the way you argue here and you want to disgrace a2 changed this a lot. Please start to clearly show on your website that MBAM is an addition to existing malware prevention software and behave a bit different. Then I will maybe come back as a customer, thanks.

 

Welcome to Wilders

What has'nt been stated yet is that MBAM realtime Protection module is capable of blocking the active malware it removes.


So there is a correlation between high clean rate and high blocking rate although there is no way a2 tests are capable of reflecting this since none of the test files were active.

The problem is the static file recognition is not good but the software comes into its strenght when the malware/infection process is started or already active

 

I have a simple question to ask...

If MBAM is really only truly effective when Malware is active and running on a system, why does it have the right-click scan built in?

Is there some `special` way that something sitting on the HDD can be detected.From what i gather Malware can only exist in 2 places, either on a drive or in memory.

The battle you AV/S/M guys are fighting is truly an immense task, good luck to all of you.

With respect to the test........well come on now.......!!

 

Where can I find the MD5 list for the AV-C test-set?

Cheers

 

Totally understandable and I am always surprised on some poor souls who are happy that their favourite AV added so many and so much no of signatures in few days/ weeks etc, Moreover some people go one step ahead and even start new threads just to tell us that their favourite AV has added so many signatrures in few days, thinking that it,s going to change the AV world.

 

Gee, I wonder who is threatening you with lawyers? I've seen it here before. It's SOP for one guy. Everytime his software draws a poor review, out come the lawyer threats.

 

Someone asked, if the programs that did poorly on the test are really only truly effective when malware is active and running on a system, why do they have right-click scanning built in? Excellent question.

 

the test is a total scam for normal costumers but many other companies do the same, if you want to test your samples vs other vendors you should not include your software in the list period.

is like you take a math test and you already know all the answers

the story will be diferent if you grab samples from diferent countries and test against those products before sending it to your labs i think it will be more acurated

then we will know how well A-Squared and other companies will handle Brazilian Malware Chinese Malware and Russian Malware

 

Thank you very much for this test Emsi Software!
Some may criticize this test but if you look at all of the other testing sites, the figures are all about the same. The only difference is you tested other programs that suppose to be Anti-Malware products some of which have never been put to the test before. The only real shock to myself was eScan , it did better than what I believe it could do.

SUPERAntiSpyware is excellent for spyware, adware and tracking cookies even though it didn't do so well as a full malware solution, I believe it does its intended job.

It was nice to see Comodo do so well also for a new product almost as good as Nod32 already.

For MBAM, I'm not surprised at all, I have put it to the test several times on many systems with all types of samples and it is really nothing more than a rogue software removal tool. Yes it is a useful product to many users (as a free product), but many believe it to be a complete solution when they buy it and I feel sorry for them when they get multiple infections and have to turn to other products for help. You have to think most of online users are in the novice category, they don't read forums, they just read the products home page or the download site's description and then download and sometimes buy the product. It really isn't fare to them because the description of MBAM doesn't tell them important facts. Just read the description for yourself and pretend that you are a novice user.

Good Day everyone.

 

Unfortunately some people will never learn. Personally, I am done with this topic. Google is the answer to all questions asked in this thread. I will be the 'bigger man' and step away from this thread. Repeated attempts to contact anyone at Emsisoft have failed, funny isn't it.

Mike Nash, it was a pleasure to meet you. Hopefully our next encounter will be a bit more friendly -- I did not mean to put you on the spot, I just wanted to understand the motives.

As for Emsisoft, personally, I wish you the best. I clearly see losing business to us is affecting you to the point that you need to do a test where you come out at the top and then put in very fine print that the results do not count for your product. Why not take the normal route and bundle a toolbar like others do. Regardless, business is business and you clearly showed me that.

To anyone I offended, I apologize. If you have any questions regarding Malwarebytes' Anti-Malware you are always more than welcome at our forums or to contact me via private message here.

I'm going to go back to work on the product -- I urge the others to do the same. Or, you can continue to argue, that works too I suppose, but I will not be part of it.

 

When reading thru this thread I find it quite Entertaining, as for the test results
who cares which product is best and whether or not the results are fake or genuine. because I have a much better strategy which is preventing infection from happening in the first place, so I don't need to rely on products to clean out the malware after the damage is already done and I need to worry if my av or antispyware program will detect all the malware I have. Because I prevent infection from happening in the first place.

 

Where did you send them to? My email is stated on our website: emsi at emsisoft dot com

Try to avoid too many bad words, the spam filter might drop it otherwise.

Didn't find a PM from you here on wilders too.

Btw. will a google search tell me more that your product isn't a full malware scanner, but a complementary tool?

 

Christian, I sent it to info@, and I assure you there were no bad words.

Our product is a full anti-malware tool that scans for Trojans, Worms, Spyware, Adware, Dialers, Rogues, and a limited amount of viruses. There are a multitude of posts on our forums stating that we are a complementary tool to any anti-virus, but not another anti-malware. We encourage a layered approach.

Regardless, let's talk about it via e-mail so I don't have to check this thread anymore.

 

Ok, found your mail in the junk folder. Reply is on the way..

 

I can't agree. MBAM is a very nice little application when computer is infected. If you manage to install and update it, MBAM does its job very well!
I've cleaned many computers with it, where other tools are useless. Especially with it's quick scan. I've dealt much with that "gaop" named rootkit file(s) and MBAM has always been successful. I don't have time to download ~20mb setups and do full scan. Those product's "quick scan" features aren't always as good as MBAM, because MBAM "knows" where to look at malware.

Just my opinion

 

How quick is quick. I reported and submitted a Virut FP a month ago and today's scan result still shows Virut.

http://img525.imageshack.us/img525/772/20090502080052.jpg

 

Could you please submit that file once again? In the scanner, there is a "Report false alert" item in the right click menu on the detected item. That's the best way to submit and ensure that it will be fixed asap.

99% of all reported false alerts are fixed within 24 hours.

 

lol thats a file part of EQS, I find it kinda funny.

"you are urgently advised to block this program" haha lol

 

Is this you? Is that one of your malware researchers next to you?

http://www.facebook.com/people/Marcin-Kleczynski/618993310

Its laughable that you say use Google to see how good MBAM is, when the fact is every test that has ever been performed which includes MBAM has the same results the one by Emsi.

Im confident there are many people who would like to take you up on your challenge and test MBAM against A2 in a live test. There are probably people here from independant testing groups who can conduct such a test.

Could anyone here who is from such a group / organisation let us know if a test can be performed. It would be good to see the results.

 

What about this test?

 

Can the bashing please stop. It is really not needed

But just to say something really quick:

Just because this test shows some products in a bad light, doesn't mean they are bad at all.

And Emsisoft here is some food for thought This is why people use MBAM I'm sure you understand that your product has it's own strengths and weaknesses but so does every product. It doesn't mean they are a complete write off.

http://img515.imageshack.us/img515/5278/42131022.png

 

Well, as long you finance such (absurd) test, I am sure you will find somebody to perform the test desired by you. Keep in mind that no serious, acknowledged tester will accept your test mandate, even not for $$$.

<S>

 

That is not a propper test - read it:

"I went hunting around the seedier side of Hong Kong websites, picking up as many infections as I could find in a 30 minute surfing session, and then seeing how today’s anti-malware software coped"

A real test is one with a known and large sample of malware (real world malware) conducted with a published methodology, like those at http://malwareresearchgroup.com/ - who interestingly have conducted live infection tests.