Discussion in 'other anti-malware software' started by jmonge, Dec 31, 2009.
grab a bag of pop corn and a 2 litle pepsi
i hate pepsi so i will get coca cola 10x for the info
PS : where your DW sig gone again
hmm, not really impressive - thats expected from my point of view.
Detecting malware and ip-blocking (since 1.40)...
MBAM is a good on-demand assistant to "more complete" antivirus-software,
i miss too many features.
While I'm glad it obviously CAN block malware, the "test" done was nowhere close to being adequate to prove anything. Now mind you, I'm not saying anything bad about the product, just the extremely simplistic test. Up until recently I used MalwareBytes. It seems to conflict with Panda Cloud AV in that, with Malwarebytes running Panda doesn't want to seem to start according to Pandas' tray icon. However a look in task manager showed Pandas' processes still active.
Still, it's not a conflict I like.
Have you posted that over at the Panda Cloud forums? Panda's staff may want to try to figure out whats going wrong.
demoneye i have 3 computers
so use 3 accounts one must hold DW sig
i have 3 licences but only in 2 pcs for now when i am done testing appranger,then i will put it in my pc also
I dont think Id trust a test from a guy who cant copy and paste a simple link in notepad.
man just dont look at that just read the .exe's, if you can see he uses very nasty stuff
in my opinion malwarebytes did very good try this links with avast or other antiviruses and see the results then scan with mbam and you will see that the antiviruses missed more and leave alot of junk bahind,i see this alot in videos in youtube may not be profesional but it is an honest in your face litle test
I am with you guys when it comes to wishing there were more URLs used here , our internal testing uses many thousands of live links .
After reading some of the comments here I am interested in hearing from you guys just how many URLs it would take to constitute a noteworthy test in you eyes .
well usually all it takes is one bad link to infect esp in the real world scenario but my issue is that mbam gets terminated easily while attempting to quarantine certain threats....wish that was rectified
I doubt many amateur testers would want to put in the effort, but I'm satisfied with 50 random samples/URLs. Too many people, including certain computer magazine testers, use the same samples over and over again. It just isn't an accurate test in my opinion when you do that. This may sound strange but, imho, people are less likely to run into the well-known malware samples than they are samples that have been floating around for a while and less active.
It's great if your AV catches the "Confickers" of the world, but if it can't catch that random keylogger or rootkit, well, you're screwed. All I mean is that too many testers limit themselves to a very small, and sometimes specialized, set of samples
Most of the urls(I think almost all of them) were from MDL I am quite sure for that. But anyways MBAM blocked all the attacks the first one being dead link. The tester may be amateur but the links weren't and I think MBAM did very good job especially the IP blocking I have never tried MBAM real time so was quite surprised how it effectively did the job and giving all the big software vendors a run for their money.
With malicious urls, I would want to see the same ones tested on each product in a given time period 1-2 days.
It would be hard to do, and require more testers, but if one url sinks one program (ThreatFire for example), if the next program isn't tested against that url, but passes all 10/10, then how do I know if that one url would have created problems for all the other programs.
Don't take me the wrong way, I know malwarebytes is an excellent program, and I've always used it. But when a tester re-scans with malwarebytes, and MBAM picks up 5 problems, what's to say that is all that is left. For example, re-scanning with Dr Web CureIt might pick up 4 more problems, and a-squared might find an additional 3. :/
As DW said, larger sample size needed, and they can't be all from the one source (malwaredomainlist) as one vendor might add these faster than another, but these don't necessarily represent what's in circulation affecting the majority of users (yes it may be in circulation, but is it an accessible URL?). It's tough one, with no easy answer.
Overall, am impressed with the new features in MBAM.
My version of Malwarebytes is not detecting the exe in the 3rd link using on-demand scan. I like watching these videos but, I'd like to know if all the files that get executed are 100% malware.
its all a russian rolette
Its not the volume of URLs but its who is testing. Tests conducted by reputed independent testers like AV-Comparatives, AV-Test or VB even with smaller sets are more likely to be credible.
The only credible tests for me are real world where MBAM has helped me on most occassions in getting rid of a rogue infection which seem to be the most prevalent these days.
I agree in the real world MBAM has saved my cooster too ... many times. But when it comes to proper tests, its best to have it done by respected experts.
Agreed with MBAM saved me from various infections but I am being my own expert and give my own conclusions.
Sure. If you are your own expert its immaterial how many URLs are needed.
But if you are going to publish a seemingly credible test (as asked by nosirrah), best to hand over the job to reputed & neutral professionals first and then worry of number of samples/URLs. Without the first the later is almost nonsensical.
compare MBAM with EsetAV or Avira - or Kaspersky - to give some names.
They offer much more compared by pricing.
can you provide details?
Work from home free of charge and I usually work on several infected machines a week.
The last two were infected by Security Tool and Antivirus Live.
Both are exe killers where mbam may need to renamed, extension changed or ran from safe mode but I'm sure you know how to go about it.
If the installer for these rogues are unknown then they will usually disable your resident realtime security at install and trust me, people just don't know and do install.
Separate names with a comma.