Comments for Malware Research Group

Comment on List of participants in our Facebook Security Test by Avira

Avira — Thu, 09 Sep 2010 09:08:53 +0000

When test will be published?

Comment on List of participants in our Facebook Security Test by Chris

Chris — Tue, 07 Sep 2010 12:39:51 +0000

Woodrowbone :
Any chance that Immunet who market their product as an “Community Antivirus” will be included? Seems like the perfect test for them.

Peace

/W

Hi, we wont be including Immunet in this test, but, will include it in one shortly.

Comment on List of participants in our Facebook Security Test by Sveta

Sveta — Tue, 07 Sep 2010 12:24:47 +0000

Frank :
Hello,

Why do you play usually down Comodo Internet Security??? I think it must be role in this test.

Comodo Internet Security or its creators are not yet ready to be included into any kind of group testing.

Comment on List of participants in our Facebook Security Test by Frank

Frank — Tue, 07 Sep 2010 11:01:42 +0000

Hello,

Why do you play usually down Comodo Internet Security??? I think it must be role in this test.

Comment on List of participants in our Facebook Security Test by Woodrowbone

Woodrowbone — Tue, 07 Sep 2010 09:55:50 +0000

Any chance that Immunet who market their product as an “Community Antivirus” will be included? Seems like the perfect test for them.

Peace

Comment on Good Passwords, Safer Accounts by sethtp

sethtp — Wed, 01 Sep 2010 06:35:09 +0000

How do you remember that password?
I hear some people use a sentence and replace letters with symbols and numbers.
1H@\/3n’tB33nT0Th3D0c+0rL@+3ly
iHaventBeenToTheDoctorLately
Or something similar.

Comment on Malwarebytes’ Anti-Malware 1.45 Vs. Early Life Malware by dallas7

dallas7 — Sun, 22 Aug 2010 17:23:11 +0000

It should be noted Shuriken heuristics is solely dependent on code within the rules.ref database file. This code was not implemented until August 4, 2010 with database version 4390. So, even though the heuristics option was “enabled” for this test, in fact no heuristics were in effect.

The Shuriken heuristics announced with the release of v1.45 on March 29 took almost 20 weeks to be implemented in v1.46. The ability to toggle the option in the UI settings not only hoodwinked users and reviewers but even Malwarebytes’ “Forum Deity” experts. There was never any news or progress reports as to the status of Shuriken. Indeed, as of this August 22 writing, their Web site “Latest News” and the application’s own “Latest News” both read… “April 29, version 1.46 released.” Inquiries by paying customers directed at their forum were answered with unmoderated and unchallenged guesses, misinformation or blatant fabrication.

Since the rules.ref file is updated several times a day, there is no way for the user to determine if the heuristics code is present for any given database number. Regardless of the enabled status of the UI setting, Malwarebytes can turn it off or on at will. For the users of the free on-demand version, who cares? But the customers who paid for the protection module and who place faith in the real-time heuristics deserve better.

Clearly, the UI setting mislead countless users and customers to think they were getting heuristics while the corporate diplomacy was, “Let them think so.” This, of course, is from the same company that levied charges of deception at IObit – charges that never met with any peer review.

Comment on MRG Tests by Igsloth

Igsloth — Sun, 27 Jun 2010 11:18:58 +0000

Great tests.

Please test [new] Free Anti Keylogger Keystroke Interference 1.4 if you can.

http://download.cnet.com/Free-Anti-Keylogger-Keystroke-Interference/3000-2144_4-75211735.html

Comment on MRG Tests by ssj100

ssj100 — Fri, 25 Jun 2010 11:01:27 +0000

You write:
“…real financial malware commonly, will NOT use the same exploit/vector as a simulator…
…An application blocking these simulated attacks does NOT necessarily mean it will be effective against REAL malware.”

I’ve highlighted the key words in capitals. Unfortuntately, this test doesn’t really prove anything. Fact is, most (clever) zero day malware will be released after testing against anti-logging mechanims. And they will NOT be blocked. Right?

Hence, a default deny mechanism of protection with a sandbox containment mechanism (which is easily flushed) is the best way to block these (non-existent haha) malware loggers.

You know what I would really like to see? A test against real-world malware, NOT simulators.

Thanks and keep up the “good” work.

Comment on MRG Tests by dallas7

dallas7 — Wed, 23 Jun 2010 18:31:15 +0000

Outstanding piece of work; a real eye opener and of great value to the community! Looking forward to the ongoing results in the coming month of days.

What was the environment of the Prevx installation…
PrevxFree/SOLFree (setup.exe default) or then licensed as
PrevxPaid/SOLfree or
PrevxFree/SOLpaid or
PrevxPaid/SOLpaid???

Thank you.