Jaska

Honorary Members
  • Posts

    60
Everything posted by Jaska

  1. http://www.vackertvader.se is blocked. IP 199.27.135.17
  2. At what level does the website blocking work? Does it block all traffic to forbidden IP addresses regardless of the application used, or just browsers? Does the port matter? Does it work at a level where, when a malicious program tries to call home, MBAM blocks the connection to the IP address the program is trying to reach?
  3. First off, thanks for this magnificent application. I still can't understand how you manage to keep your detection rate so near 100% all the time. But now I am a little bit curious. Is there something new cooking in your pot? A new version with bug fixes or even with new features? With this detection MBAM is not actually lacking anything, but still, any news?
  4. Now, 15 hours after my initial scanning, 6/43 AV programs in VirusTotal detect this trojan. This shows how far behind MBAM the other vendors are. Of course, if this malware were a fast-spreading infection they would certainly react faster.
  5. I have no idea what you guys do differently from other AV vendors, but MBAM's detection rate is unbelievable. I like to download new virus samples from sites listed on various lists around the net. Then I test my AV programs (not simultaneously installed, of course) like Comodo, Panda, Vipre etc. and then test the files in VirusTotal. I must have MBAM active protection disabled because there is no point in testing the other programs, as MBAM always detects the malware. Regardless of how small a percentage of AV programs in VirusTotal detect malware in the samples, MBAM never fails. Today the result was quite extreme: after downloading an executable from a malware list I sent it to VirusTotal. 0/42 AV programs found anything, but MBAM says it is a trojan. It will be interesting to see how the VT results develop as new updates are applied.
  6. I hadn't seen that option. It almost does what I want. A pop-up when something infected is found would be nice.
  7. In the Panda Cloud AV discussion forum there has been a discussion about a new type of method to hide malware. They are included in very large exe files of about 150 MB. The rest of the file is empty junk code, so the files can be zipped to 1.5 megs. I have downloaded samples of these files from links in that discussion http://www.cloudantivirus.com/forum/thread.jspa?threadID=57994&tstart=0 and tested them. Malwarebytes seems to be totally incompetent at finding the malware in these. All types of scans miss them and even launching the files does not activate it. Why is MBAM so helpless in front of those files?
  8. I agree. This is a reason why I have MBAM scan only 1 time a week. The clean pop-ups really annoyed me, so I removed the other scheduled scans.
  9. Thanks, that is nice to know. MBAM is way ahead of other companies! I am sure you must use alien technology in your applications! :-)
  10. Posted it to the false positives forum. And I am not infected, I just downloaded the file for this kind of testing purpose.
  11. Here are the VirusTotal results and the attached file (that I hope comes through this time).

      Antivirus             Version          Last Update  Result
      AhnLab-V3             2011.03.12.00    2011.03.11   -
      AntiVir               7.11.4.177       2011.03.12   -
      Antiy-AVL             2.0.3.7          2011.03.12   -
      Avast                 4.8.1351.0       2011.03.12   -
      Avast5                5.0.677.0        2011.03.12   -
      AVG                   10.0.0.1190      2011.03.12   -
      BitDefender           7.2              2011.03.12   -
      CAT-QuickHeal         11.00            2011.03.12   -
      ClamAV                0.96.4.0         2011.03.12   -
      Commtouch             5.2.11.5         2011.03.12   -
      Comodo                7955             2011.03.12   -
      DrWeb                 5.0.2.03300      2011.03.12   -
      Emsisoft              5.1.0.2          2011.03.12   -
      eSafe                 7.0.17.0         2011.03.10   -
      eTrust-Vet            36.1.8211        2011.03.11   -
      F-Prot                4.6.2.117        2011.03.12   -
      F-Secure              9.0.16440.0      2011.03.12   -
      Fortinet              4.2.254.0        2011.03.12   -
      GData                 21               2011.03.12   -
      Ikarus                T3.1.1.97.0      2011.03.12   -
      Jiangmin              13.0.900         2011.03.12   -
      K7AntiVirus           9.93.4087        2011.03.11   -
      Kaspersky             7.0.0.125        2011.03.12   -
      McAfee                5.400.0.1158     2011.03.12   -
      McAfee-GW-Edition     2010.1C          2011.03.12   -
      Microsoft             1.6603           2011.03.12   -
      NOD32                 5948             2011.03.12   -
      Norman                6.07.03          2011.03.12   W32/SmallTroj.ZMLP
      nProtect              2011-02-10.01    2011.02.15   -
      Panda                 10.0.3.5         2011.03.12   -
      PCTools               7.0.3.5          2011.03.11   -
      Prevx                 3.0              2011.03.12   -
      Rising                23.48.05.03      2011.03.12   -
      Sophos                4.63.0           2011.03.12   -
      SUPERAntiSpyware      4.40.0.1006      2011.03.12   Trojan.Agent/Gen-MSFake
      Symantec              20101.3.0.103    2011.03.12   -
      TheHacker             6.7.0.1.149      2011.03.12   -
      TrendMicro            9.200.0.1012     2011.03.12   -
      TrendMicro-HouseCall  9.200.0.1012     2011.03.12   -
      VBA32                 3.12.14.3        2011.03.12   -
      VIPRE                 8681             2011.03.12   -
      ViRobot               2011.3.12.4354   2011.03.12   -
      VirusBuster           13.6.246.3       2011.03.11   -

      Verf.zip
  12. I have a file that I downloaded via a link on a malware-sites page. There it was said that it is a trojan downloaded by a Java applet. MBAM finds the trojan agent. But when I tested it in VirusTotal, only SUPERAntiSpyware found the trojan. I would like to know whether it is real or a false positive.
  13. I have a file that I downloaded via a link on a malware-sites page. There it was said that it is a trojan downloaded by a Java applet. MBAM finds the trojan agent. But when I tested it in VirusTotal, only SUPERAntiSpyware found the trojan. I would like to know whether it is real or a false positive.
  14. Yes, I am using it with Vipre and Panda Cloud and without any problems.
  15. Thanks, that clears things up. I didn't realise that shortcut files can be harmful too. MBAM is great!
  16. All the AV programs I have used can scan a folder's contents from a desktop shortcut referring to a specific directory on my computer. But MBAM seems not to do it. When I choose "Scan with MBAM" from the right-click menu on a shortcut, it scans only 1 item, probably the shortcut file itself. A bug or a feature?
  17. I am using Vipre and MBAM Pro together and in that test they seem to be unbeatable.
  18. I would like to submit these samples to you, but I am always too late - you already recognize the malware. And as MBAM works so flawlessly I certainly recommend it to everyone I know. Thanks for this little gem!
  19. How can you be good and fast in detecting new malware? I have tested Malwarebytes Pro recently by downloading malicious files (usually 0-day variants) from a malicious sites list. Then I sent the files to VirusTotal and tested them with my Panda Cloud and Vipre anti-virus. And MBAM's score is 100%. It has found every single thing in these files. I just tested a "video add-on" Trojan and only 3 out of 43 AV applications found something, some heuristically. But MBAM already had a name for this evil "Trojan.fake alert.gen". So what is your secret?
  20. This layered defence seems to do its job. I downloaded a 0-day malware and let my protection software scan it. Neither Panda Cloud nor Vipre found anything, but MBAM detects the trojan. And I have confirmed this in VirusTotal, where only a handful of applications recognised it at first. Now several do. I also launched the file (in a safe system) and Comodo firewall's cloud AV jumped up and warned about the trojan. The MBAM alert was also launched. So initially 1 of my 3 AV applications found the malware. If I had relied on only one of those, my system would have been infected. It is nice to know, though, that Comodo is the last line of defense (also the sandboxing feature) if everything else fails. It seems quite impossible, though, that MBAM would not find the bad boys. (How do you do it? Like the Chinese AV producers? - write the viruses themselves to get great protection rates )
  21. After reading the technical description of Virut here http://www.f-secure.com/v-descs/virus_w32_virut.shtml I would like to add a fourth AV program to my arsenal. The techniques modern malware is using these days sound so sophisticated and evil! I hope you guys in AV labs are using even more sophisticated methods to detect and prevent them.
  22. I am perfectly aware of this two-AV-programs-simultaneously thing. Panda is doing the overall scanning in all file operations. So it generally checks all new files appearing on my computer. And then it gives the file a good or bad status. And when the file is executed it checks the status against this database. So if I have understood right, the file is not checked again. Vipre and MBAM do their checking first when the file is executed, and they should not be much disturbed by Panda. This is what I think happens. This seems to work OK. I have tested the system and malware gets detected at some point. The system impact is surprisingly low this way; only program execution can take a bit longer than without AV. This is actually only some kind of experiment...
  23. "is not an anti virus application, it may not find viruses or worms". What do you mean? What does it find? OK, just a joke, it has found everything I have thrown at it. I just meant that because it has such great detection and cleaning capabilities, why not take the little step and make it a stand-alone anti-malware application? I myself have total overkill in my defences: I use Panda Cloud Antivirus Pro as the first line of defence against all file actions. Then I have both Vipre and MBAM Pro to scan the processes launched and to run scheduled scans. And finally Comodo Firewall takes care of the net, and it has some kind of cloud AV analyzer too and a sandbox feature. All this, with the right settings, runs quite light and they seem not to disturb each other.
  24. Is it possible to use MBAM Pro as the only anti-virus solution, or does it necessarily need another solution running alongside? What is left unprotected if running MBAM only? Does the on-access scanner scan scripts etc. executed by the browsers? MBAM's detection rate and performance are so good that I would like to throw away the other AV programs I am using.
  25. Any knowledge of how they collect the sites? Do they use common lists or scan the web themselves? It seems to block sites that ClearCloud DNS and Firefox do not.