MRG PUA Test Results - Jan 05 2011

Discussion in 'other anti-virus software' started by LODBROK, Jan 5, 2011.

Thread Status:
Not open for further replies.
  1. LODBROK

    LODBROK Guest

  2. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    Those chat logs are hilarious. :D

    SAS didn't detect a single sample. :eek:
     
  3. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    Live chat transcripts are a great addition! Overall interesting test. The results from Prevx and OA++ don't really surprise me but Immunet has kicked this year off remarkably well. Apparently Avasts sandbox didn't work; or maybe MRG considered it a fail if it was not detected but was still sandboxed. :doubt:
     
  4. cm1971

    cm1971 Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    727
    Neither did MSE.

    Edit: After scrolling down I see they did get 1 lol.
     
  5. 3GUSER

    3GUSER Registered Member

    Joined:
    Jan 10, 2010
    Posts:
    812
    These fake companies that pretend to offer free chat help are becoming more and more "popular" . I have once found one and chatted with them , it is all fun , you should try it :D
     
  6. cm1971

    cm1971 Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    727
    I wonder how many people fall for these fake apps. I don't remember where I saw it (it may have been Wilders) but I read one of those conversations with a fake company a while back and it was hilarious.
     
  7. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    A Nano sighting! Also, F-Secure did a lot better than Bitdefender. Don't they share a same engine?
     
  8. 3GUSER

    3GUSER Registered Member

    Joined:
    Jan 10, 2010
    Posts:
    812

    I don't think many do because it asks them pay . If it was cheating them in some other way , may be it would have been more successful.
     
  9. King Grub

    King Grub Registered Member

    Joined:
    Sep 12, 2006
    Posts:
    814
    Yes, but F-Secure has their own engine(s) as well, plus several other methods of detecting malware, including Deepguard if connected to the Internet.
     
  10. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    Indeed, lol @ the chats. I don't think they used Avast sandbox at all, there's no mention of it. And automatic sandboxing of unknown/suspicious files will come in v6.0, I'm more curious if they enabled PUP detection in realtime shields.
     
  11. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Nice test :D
     
  12. carat

    carat Guest

    SAS is completely overrated :doubt: Well done MBAM :thumb:
     
  13. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    Thanks for share :) Interesting results
     
  14. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,285
    Great job Vipre! :thumb:
     
  15. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    Vipre is really getting better ..Gr8 job guys:thumb:
     
  16. LODBROK

    LODBROK Guest

    We shouldn't loose track of the fact this was a test about detection of PUAs and only those. SAS and MBAM tested were Pro versions; the free versions wouldn't have done squat. I just mention that because the norm is to say "MBAM" or "SAS" and leave the reader to judge which version, MBAM/SAS or MBAM/SAS Pro, is being reference within the context of a posting. This is a technical forum, after all. Not yoo toob.

    True, MBAM Pro cleaned SAS Pro's clock in this detection test, but both free apps have been acclaimed to shine in the cleanup of compromised systems. And while on this slightly off-thread post, Malwarebytes still doesn't market a portable free version - not a slam, just an observation.

    While I can agree at this point in time, SAS Pro may be overrated (v5 is on the horizon) I don't believe there has been a head-to-head test of its Pro version vs. MBAM Pro against a broad spectrum of threats. Tho against MBAM Pro, SAS Pro didn't fare well in MRG's Flash (zero-day) project...

    Disclaimer: I do run MBAM Pro. :)
     
    Last edited by a moderator: Jan 6, 2011
  17. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    I don't remember SAS Pro ever doing well in any test, I'm not sure their "real time" protection is anything of benefit- except for the money paid to the developer who certainly deserves to be compensated. But the Pro version may give a person a false sense of protection.
     
  18. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    Can I use Immunet as an on-demand scanner only?
     
  19. LODBROK

    LODBROK Guest

    Good question. I turned off the three protection settings which generated a "protection disabled" icon balloon tip.

    I ran a scan and it completed. So, without input from Immunet/Clam staff to correct me, I'd say "yes" to the on-demand.

    However, closing the UI (iptray.exe) doesn't stop the service (agent.exe).
     

    Attached Files:

  20. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    I also have the same behaviour...

    And if you change the service to Manual start, Immunet doesn't work, because the GUI doesn't start it...
     
  21. Narxis

    Narxis Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    477
    SAS 5 will be much better.
     
  22. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    Let's hope so...;)
     
  23. SUPERAntiSpy

    SUPERAntiSpy Developer

    Joined:
    Mar 21, 2006
    Posts:
    1,088
    We specifically don't detect those products due to their aggressive "legal threats" towards many companies. We have chosen to go after the trojans, rootkits, password stealers and applications that actually HARM your system and steal information. As you notice Microsoft has also chosen not to detect the same threats.

    We may add a category such as the "Potentially Unwanted Application" as others have done to indicate to the user that they may wish to do their own research as to why these applications may not be desired.
     
  24. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    But, what is a potentially unwanted application? In my book, anything that installs without me wanting it, it's an unwanted application. :D

    For example: Imagine I install XYZ application, and this one comes with some toolbar/browser to install (as some very legitimate apps do). They come with such install selected by default... This is an unwanted application. Would this be a fair assumption?

    Regarding those rogue crap... again... if somehow I'm lead to believe I needed it, and therefore deliberately installed it, then am I making a fair assumption that such is a wanted application, rather than an unwanted application? I'm leaving legitimacy aside. ;)

    I do understand why some security vendors decide not to target such... But, I believe something like that could be easily worked around by allowing users to make use of known domain blacklist sources. Sure, not the ideal solution, but would it resolve the "legal threats"? You wouldn't be directly targeting them, rather allowing your users to block whatever domain(s) they would like, and even suggest known blacklist sources... ;)

    Anyways, I got too much caffeine inside... lol
     
  25. LODBROK

    LODBROK Guest

    Yes. Before you open the GUI, you have to first start the service in Services. You can simplify the latter by making a bat file using net start. Create a shortcut for it and place it above the GUI lnk in the Start menu. Repeat that for a net stop bat file if you want to stop the service later.

    Immunet is not alone in that behavior; ignore control of the service is the developer's option. On the other end of that spectrum is complete control. I can change Malware Defender's service, mdservice.exe, to manual. When I run the GUI it not only starts the service but reverts it back to automatic. :p

    Whether or not you personally endorse a developers' choice is where you can exercise your own: use it as is, bend it to your needs or don't use it at all. You can let the developer know what you want, too.
     
Loading...
Thread Status:
Not open for further replies.