Jump to content

DragonMaster Jay

Honorary Members
 View Profile  See their activity

  • Posts

    380

  • Joined

  • Last visited

 Content Type 

Posts posted by DragonMaster Jay

    IOBit

    in Malwarebytes News

    Posted

    Thanks for the link...I think the following is a joke:

    And we also paid special attention to questions regarding the old database of IObit Security 360 among the feedback.

    Hah, yeah right...they avoided the situation.

    We have apologized for all the inconvenience, meanwhile, we have taken immediate actions to remove all disputed data and updated the whole database online on November 3.

    Is this completely true?

    Eventually, IObit would like to work with all anti-malware vendors, to enhance the overall evolution of malware detection...

    Are they going to steal, or ask permission?

    --------

    I see IObit is playing the victim. They got caught (period). Also, I do not see their developers in the trenches with us.

    They are not very strong apparently.

    ---------

    They look for help from other vendors now, instead of just going out and stealing them, how thoughful of them to ask now.

    Also, like Kenny94 said, why are their analysts not out in the field.

    lol, like I said above...Are they going to steal, or ask permission?

    Potential FPs from a log

    in File Detections

    Posted

    Had a user recently who had potential false positives. Please analyze the log. Thanks.

    Thread: http://www.geekpolice.net/virus-spyware-ma...5511.htm#100693

    Malwarebytes' Anti-Malware 1.41

    Database version: 3143

    Windows 5.1.2600 Service Pack 3

    11/11/2009 4:51:15 AM

    mbam-log-2009-11-11 (04-51-15).txt

    Scan type: Full Scan (C:\|)

    Objects scanned: 205307

    Time elapsed: 2 hour(s), 33 minute(s), 46 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 0

    Registry Values Infected: 0

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 7

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    (No malicious items detected)

    Registry Values Infected:

    (No malicious items detected)

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    C:\commyFix\Combo-Fix.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

    C:\commyFix11601c\Combo-Fix.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP3\A0007465.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP4\A0012818.ocx (Adware.Gdown) -> Quarantined and deleted successfully.

    C:\WINDOWS\SYSTEM32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys (Rootkit) -> Quarantined and deleted successfully.

    C:\WINDOWS\SYSTEM32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys (Rootkit) -> Quarantined and deleted successfully.

    C:\WINDOWS\$NtServicePackUninstall$\atapi.sys (Rootkit) -> Quarantined and deleted successfully.

    IOBit

    in Malwarebytes News

    Posted

    ^^ Not exactly. I hope I can respond, since your post is not clear.

    If what you mean that companies do not do their own work anymore, that is not all the way true.

    Malwarebytes does their own database, Avira does their own database, AVG does their own database, Avast - Ikarus - Kaspersky and many more do their own.

    However, some companies do not, but have permission to pool in the database in to their own small engine to help them get started or to boost their own engine. For example, Emsi Software has their own database but also uses the Ikarus scanning engine as a booster. But, ClamWin pools in the ClamAV database as their engine - the only thing they did was change up or re-create the GUI (graphic user interface) and distribute it.

    Then, you get to companies that do not ask for permission. Usually rogue software does these tasks. IOBit decided to pool in the Malwarebytes database and boost their own, without permission. They are now rogue. IOBit has pooled in several other databases, which have not been said.

    It goes, "for every excellent security software, there will be a bunch of rogues copying because they cannot do the work themselves."

    IOBit

    in Malwarebytes News

    Posted

    Yes. The first it was most recognized was not just last week. It has been known for several weeks to a few months. Evil Fantasy, a regular here - had found the info, as well as a few others (unknown to me). I will let Evil Fantasy comment if he wants on that information.

    If you noticed, on the one topic at IOBit that was pointed out in the first advisory by RubbeR DuckY, Evil Fantasy replied on that topic. I believe that he was one that helped out in this case.

    I found out about the noticed stolen database last month and tested the both programs myself. I found tons of duplicates of MBAM's database (DB), that was in IOBit's DB.

    Now, IOBit becomes a rogue security software. Until they can clean up their act, they are rogue. ;)

    IOBit

    in Malwarebytes News

    Posted

    I just could not believe when I tested it a month ago, that they were using signature names similar to MBAM. How effective was the test? I tested against 452 trojans, 103 rogues, 342 viruses, and 23 adware/PUPs. Then, I used Log Comparator to check the results. 3/5 of the results were exact similarities in signature naming. I only have stats, I did not get the SHA1 hash of any of the malware testing ;)

    IOBit

    in Malwarebytes News

    Posted

    IOBit has done quite a few things that indirectly refer to them as being guilty. Although they attempt to give reasonable doubt, it is obvious by their actions - the guilt they possess.

    IOBit

    in Malwarebytes News

    Posted

    :) I am convinced that IOBit is guilty in this situation, as I have even checked signatures myself through testing. (Bad part is, I lost the results, otherwise I'd upload them here - stupid VM). Anyway, I did think hanging them on a wooden cross would be extreme.

    IOBit

    in Malwarebytes News

    Posted

    They shall be bound to a wooden cross with their faces raised toward heaven. And whilst still alive be dealt twelve blows with an iron rod breaking the joints of their arms, their shoulders, their hips, their legs.

    They shall then be raised up to hang until dead and all customary acts of mercy are expressly forbidden to the executioner!

    ...

    Wow, disturbing.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.