I installed it on my test PC and while it has a good detection rate when running manual scans, if I launch a PUP, I get no alerts. Maybe it treats actual malware differently and will detect it.Qiankun endpoint security by Huawei
Its completely free and seems to do well and its a free ngav which is very nice.让企业网络更简单更安全-华为乾坤云服务
华为乾坤云服务是华为面向企业推出的数字化网络云服务,包括云管理网络、网络安全、网络连接等一站式云服务,具有服务开通快、能力升级快、自动闭环快等特点。qiankun-saas.huawei.com
Make your video test requests!
- Thread starter Shadowra
- Start date
I would love to see windows security tested. Enable everything in app and browser control, and in device protection like core isolation, memory integrity ect. Then in edge, place ublock in the browser as only extra filter. So basically built in security with exception of ublock. "im not going to ask you to pop open gpedit and lock it down tightly if able".
Now to make this test tougher, no POC's just known/unknown malware out in the wild. Malware that users actually stand a chance or a possibility of coming into contact with.
Again use of sysinternals would be awesome "microsoft owns them" in showing analysis of samples and interactions with the security. Process explorer, autoruns, tcpview, ect.
Route of infection would be another thing to consider, as realistic as possible.
Now to make this test tougher, no POC's just known/unknown malware out in the wild. Malware that users actually stand a chance or a possibility of coming into contact with.
Again use of sysinternals would be awesome "microsoft owns them" in showing analysis of samples and interactions with the security. Process explorer, autoruns, tcpview, ect.
Route of infection would be another thing to consider, as realistic as possible.
- Apr 16, 2017
- 2,095
fwiw the Copyright at the bottom of Ram webpage(s) is 2017
- Jan 29, 2017
- 1,201
The copyright date does not mean “last updated.”fwiw the Copyright at the bottom of Ram webpage(s) is 2017
- May 26, 2014
- 1,067
Their product is garbage. It's some time since I tested it, but I have no doubt it will still be terrible.
- Apr 16, 2017
- 2,095
but IMO not irrelevant either
- Apr 2, 2018
- 1,742
- Feb 28, 2023
- 128
It's almost useless.
With the free version, you get a worse engine than ClamAV.
With the paid version, you get a Bitdefender scanner, as it doesn't have ATC/ATD or its own behavioral defense replacement.
For small vendors from China (iobit/wirecare), it might make sense to consider their cleaning software. As for security software, please don't use them.
You may see in some very old posts that their "owned" engine has a higher detection rate, that's because they stole the database from malwarebytes at that time...
- Feb 7, 2023
- 1,756
Until Malwarebytes created fake definitions for fake inhouse-generated threats. iObit detected those.
IOBit Steals Malwarebytes' Intellectual Property
Malwarebytes has recently uncovered evidence that a company called IOBit based in China is stealing and incorporating our proprietary database and intellectual property into their software. We know this will sound hard to believe, because it was hard for us to believe at first too. But after an i...
forums.malwarebytes.com
This resulted in a huge campaign of Malwarebytes against iObit, detecting every single iObit product as PUP as well as begging download portals left and right to remove iObit products.
In fairness, by not using iObit products, it’s not like users are missing out on something amazing.
It was a lot of drama though. I am not sure why the MB database (5mb archive at the time) wasn’t properly protected against theft.
Last edited:
- Dec 10, 2022
- 272
Ohhh yes i remember those days what a show that was. The fact they had the audacity to tell people to stop writing hurtful things about them.Until Malwarebytes created fake definitions for fake inhouse-generated threats. iObit detected those.
Note: I see @B-boy/StyLe/ has posted there in 2009.IOBit Steals Malwarebytes' Intellectual Property
Malwarebytes has recently uncovered evidence that a company called IOBit based in China is stealing and incorporating our proprietary database and intellectual property into their software. We know this will sound hard to believe, because it was hard for us to believe at first too. But after an i...
This resulted in a huge campaign of Malwarebytes against iObit, detecting every single iObit product as PUP as well as begging download portals left and right to remove iObit products.
In fairness, by not using iObit products, it’s not like users are missing out on something amazing.
It was a lot of drama though. I am not sure why the MB database (5mb archive at the time) wasn’t properly protected against theft.
I thought that was the case too. But Malwarebytes told me that they were detecting IObit products due to them taking a much more aggressive stance against PUPs in general, rather than due to the signature theft. A number of years ago Malwarebytes started classifying a lot more apps as PUPs than they had in the past.
Last edited:
- Feb 7, 2023
- 1,756
Yeah. Malwarebytes became very aggressive towards system optimisers. I don’t have an opinion on whether these should be classified as PUPs but it’s true that many of them cause a lot more problems than they solve and take up more disk space than they clean.
There was another case of optimiser stealing MB intellectual property.
[UPDATED] Yet Another Cleaner, Yet Another Stealer | Malwarebytes Labs
We discovered that a relatively popular "anti-malware" product known as "Yet Another Cleaner" claiming to be an affiliate of Malwarebytes and using a lot of our detection names as their own.
www.malwarebytes.com
They have a few articles detailing the reasons for their aggressive PUP detection. I don't agree with everything they say. For example, there are certainly some instances where driver update tools can be very useful. But on the whole I agree with them.
Registry Cleaners: Digital Snake Oil | Malwarebytes Labs
A word on registry cleaners. One of the most common complaints we see on our forums, and from our users, concerns a particular...
www.malwarebytes.com
Driver Updaters: Digital Snake Oil, Part 2 | Malwarebytes Labs
Having built a successful money printing machine, based on registry scanner snake oil, how do you diversify? Driver Updaters!
www.malwarebytes.com
PUP makers: digital snake oil, part 3 | Malwarebytes Labs
With our recent changes to our PUP classification, where we added aggressive Registry Cleaners and Driver Updaters, we see some pretty lame excuses for PUP reconsideration.
www.malwarebytes.com
- Sep 2, 2021
- 2,330
- Feb 28, 2023
- 128
Do I have a chance to see TEHTRIS?
I really like it (although I didn't buy it, I now consider your testing as the main criterion for purchasing).
- Sep 2, 2021
- 2,330
Do I have a chance to see TEHTRIS?
I really like it (although I didn't buy it, I now consider your testing as the main criterion for purchasing).
Yep
- Sep 2, 2021
- 2,330
Hello
As 2023 draws to a close in a few hours, it's time for me to take stock.
First of all, I'd like to thank you for your loyalty over the past 2 years. I never thought I'd get this far. I'd also like to thank my partners who have placed their trust in me (SerialCart, CyberLock etc).
2023 has been an eventful year for me. Ups and downs, personal worries, health problems (including the one that stopped me for over 1 month...) and so on.
I've posted the last video of 2023: TEHTRIS.
In 2024, we're back at it again, but in a different way. First, a brand-new VM with a few customizations.
I'm going to try to limit acceleration and eliminate acceleration on the URL test (I'm thinking of putting a transition on each URL detected).
The tools are changing! Gone is KillSwitch (which has become a gas factory) and hello ProcessExplorer with VirusTotal and above all a new feature: TCPView! You'll be able to see C&C connections in real time.
The introduction will also change, as I'm currently working on it (and it's very long... )
That's why the 1st video of 2024 will be out in about 3 weeks, so I can get everything right.
Once again, thank you for following me, and see you in 2024
Enjoy,
Shadowra
As 2023 draws to a close in a few hours, it's time for me to take stock.
First of all, I'd like to thank you for your loyalty over the past 2 years. I never thought I'd get this far. I'd also like to thank my partners who have placed their trust in me (SerialCart, CyberLock etc).
2023 has been an eventful year for me. Ups and downs, personal worries, health problems (including the one that stopped me for over 1 month...) and so on.
I've posted the last video of 2023: TEHTRIS.
In 2024, we're back at it again, but in a different way. First, a brand-new VM with a few customizations.
I'm going to try to limit acceleration and eliminate acceleration on the URL test (I'm thinking of putting a transition on each URL detected).
The tools are changing! Gone is KillSwitch (which has become a gas factory) and hello ProcessExplorer with VirusTotal and above all a new feature: TCPView! You'll be able to see C&C connections in real time.
The introduction will also change, as I'm currently working on it (and it's very long... )
That's why the 1st video of 2024 will be out in about 3 weeks, so I can get everything right.
Once again, thank you for following me, and see you in 2024
Enjoy,
Shadowra
- Apr 16, 2017
- 2,095
your work much appreciated! When you have time, will you, please elaborate on your VM customizations. TCPView is a separate app from ProcessExplorer, correct? Or are they combined now?
fwiw, I noticed on my VM running processexp 17.05 that with VT lookup I'm getting "access denied" but on this VM with pe 17.04 the VT is working aok. Have you noticed anything like that?
Happy 2024
- Sep 2, 2021
- 2,330
Similar threads
