MalWareBytes Real Time Test :)

Discussion in 'other anti-malware software' started by jmonge, Dec 31, 2009.

Thread Status:
Not open for further replies.
  1. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
  2. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
  3. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    hmm, not really impressive - thats expected from my point of view.
    Detecting malware and ip-blocking (since 1.40)...
    MBAM is a good on-demand assistant to "more complete" antivirus-software,
    i miss too many features.
     
  4. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    While I'm glad it obviously CAN block malware, the "test" done was nowhere close to being adequate to prove anything. Now mind you, I'm not saying anything bad about the product, just the extremely simplistic test. Up until recently I used MalwareBytes. It seems to conflict with Panda Cloud AV in that, with Malwarebytes running Panda doesn't want to seem to start according to Pandas' tray icon. However a look in task manager showed Pandas' processes still active.

    Still, it's not a conflict I like.
     
  5. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    Have you posted that over at the Panda Cloud forums? Panda's staff may want to try to figure out whats going wrong.
     
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    demoneye i have 3 computers;)
     
  7. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    so use 3 accounts :D one must hold DW sig ;)
     
  8. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i have 3 licences but only in 2 pcs for now when i am done testing appranger,then i will put it in my pc also;)
     
  9. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,188
    Location:
    USA
    I dont think Id trust a test from a guy who cant copy and paste a simple link in notepad.
     
  10. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    man:D just dont look at that just read the .exe's, if you can see;) he uses very nasty stuff:D
     
  11. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    in my opinion malwarebytes did very good:) try this links with avast or other antiviruses and see the results;) then scan with mbam and you will see that the antiviruses missed more and leave alot of junk bahind,i see this alot in videos in youtube:D may not be profesional but it is an honest in your face litle test:cool:
     
  12. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    I am with you guys when it comes to wishing there were more URLs used here , our internal testing uses many thousands of live links .

    After reading some of the comments here I am interested in hearing from you guys just how many URLs it would take to constitute a noteworthy test in you eyes .
     
  13. kasperking

    kasperking Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    406
    like....?

    well usually all it takes is one bad link to infect esp in the real world scenario but my issue is that mbam gets terminated easily while attempting to quarantine certain threats....wish that was rectified
     
  14. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I doubt many amateur testers would want to put in the effort, but I'm satisfied with 50 random samples/URLs. Too many people, including certain computer magazine testers, use the same samples over and over again. It just isn't an accurate test in my opinion when you do that. This may sound strange but, imho, people are less likely to run into the well-known malware samples than they are samples that have been floating around for a while and less active.

    It's great if your AV catches the "Confickers" of the world, but if it can't catch that random keylogger or rootkit, well, you're screwed. All I mean is that too many testers limit themselves to a very small, and sometimes specialized, set of samples
     
  15. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,588
    Location:
    Mumbai
    Most of the urls(I think almost all of them) were from MDL I am quite sure for that. But anyways MBAM blocked all the attacks the first one being dead link. The tester may be amateur but the links weren't and I think MBAM did very good job especially the IP blocking I have never tried MBAM real time so was quite surprised how it effectively did the job and giving all the big software vendors a run for their money.:p
     
  16. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    With malicious urls, I would want to see the same ones tested on each product in a given time period 1-2 days.

    It would be hard to do, and require more testers, but if one url sinks one program (ThreatFire for example), if the next program isn't tested against that url, but passes all 10/10, then how do I know if that one url would have created problems for all the other programs.

    Don't take me the wrong way, I know malwarebytes is an excellent program, and I've always used it. But when a tester re-scans with malwarebytes, and MBAM picks up 5 problems, what's to say that is all that is left. For example, re-scanning with Dr Web CureIt might pick up 4 more problems, and a-squared might find an additional 3. :/

    As DW said, larger sample size needed, and they can't be all from the one source (malwaredomainlist) as one vendor might add these faster than another, but these don't necessarily represent what's in circulation affecting the majority of users (yes it may be in circulation, but is it an accessible URL?). It's tough one, with no easy answer.

    Overall, am impressed with the new features in MBAM.
     
  17. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,526
    Location:
    Arkham Asylum
    My version of Malwarebytes is not detecting the exe in the 3rd link using on-demand scan. I like watching these videos but, I'd like to know if all the files that get executed are 100% malware.
     
    Last edited: Jan 1, 2010
  18. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    its all a russian rolette :D
     
  19. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    Its not the volume of URLs but its who is testing. Tests conducted by reputed independent testers like AV-Comparatives, AV-Test or VB even with smaller sets are more likely to be credible.
     
  20. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    The only credible tests for me are real world where MBAM has helped me on most occassions in getting rid of a rogue infection which seem to be the most prevalent these days.
     
  21. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    I agree in the real world MBAM has saved my cooster too ... many times. But when it comes to proper tests, its best to have it done by respected experts.
     
  22. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,588
    Location:
    Mumbai
    Hmmm.....
    Agreed with MBAM saved me from various infections:argh: but I am being my own expert and give my own conclusions.:)
     
  23. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    Sure. If you are your own expert its immaterial how many URLs are needed.

    But if you are going to publish a seemingly credible test (as asked by nosirrah), best to hand over the job to reputed & neutral professionals first and then worry of number of samples/URLs. Without the first the later is almost nonsensical.
     
  24. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    @kasperking
    compare MBAM with EsetAV or Avira - or Kaspersky - to give some names.
    They offer much more compared by pricing.
    can you provide details?
     
  25. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Work from home free of charge and I usually work on several infected machines a week.

    The last two were infected by Security Tool and Antivirus Live.

    Both are exe killers where mbam may need to renamed, extension changed or ran from safe mode but I'm sure you know how to go about it.

    If the installer for these rogues are unknown then they will usually disable your resident realtime security at install and trust me, people just don't know and do install.
     
Loading...
Thread Status:
Not open for further replies.