Make your video test requests!

roger_m

Level 41
Verified
Top Poster
Content Creator
Dec 4, 2014
3,029
Qiankun endpoint security by Huawei
It's completely free and seems to do well, and it's a free NGAV, which is very nice.
I installed it on my test PC and while it has a good detection rate when running manual scans, if I launch a PUP, I get no alerts. Maybe it treats actual malware differently and will detect it.
 

ForgottenSeer 103564

I would love to see Windows Security tested. Enable everything in app and browser control, and in device protection like core isolation, memory integrity, etc. Then in Edge, place uBlock in the browser as the only extra filter. So basically built-in security with the exception of uBlock. "I'm not going to ask you to pop open gpedit and lock it down tightly if able".

Now to make this test tougher, no PoCs, just known/unknown malware out in the wild. Malware that users actually stand a chance or a possibility of coming into contact with.

Again, use of Sysinternals would be awesome "Microsoft owns them" in showing analysis of samples and interactions with the security. Process Explorer, Autoruns, TCPView, etc.

Route of infection would be another thing to consider, as realistic as possible.
 

ShenguiTurmi

Level 3
Well-known
Feb 28, 2023
128
Iobit Malware Fighter
It's almost useless.
With the free version, you get a worse engine than ClamAV.
With the paid version, you get a Bitdefender scanner, as it doesn't have ATC/ATD or its own behavioral defense replacement.
For small vendors from China (iobit/wirecare), it might make sense to consider their cleaning software. As for security software, please don't use them.

You may see in some very old posts that their "owned" engine has a higher detection rate; that's because they stole the database from Malwarebytes at that time...
 

Trident

Level 28
Verified
Top Poster
Well-known
Feb 7, 2023
1,715
You may see in some very old posts that their "owned" engine has a higher detection rate; that's because they stole the database from Malwarebytes at that time...
Until Malwarebytes created fake definitions for fake inhouse-generated threats. iObit detected those.
Note: I see @B-boy/StyLe/ has posted there in 2009.

This resulted in a huge campaign of Malwarebytes against iObit, detecting every single iObit product as PUP as well as begging download portals left and right to remove iObit products.

In fairness, by not using iObit products, it’s not like users are missing out on something amazing.
It was a lot of drama though. I am not sure why the MB database (5mb archive at the time) wasn’t properly protected against theft.
 

nickstar1

Level 6
Verified
Well-known
Dec 10, 2022
259
Until Malwarebytes created fake definitions for fake inhouse-generated threats. iObit detected those.
Note: I see @B-boy/StyLe/ has posted there in 2009.

This resulted in a huge campaign of Malwarebytes against iObit, detecting every single iObit product as PUP as well as begging download portals left and right to remove iObit products.

In fairness, by not using iObit products, it’s not like users are missing out on something amazing.
It was a lot of drama though. I am not sure why the MB database (5mb archive at the time) wasn’t properly protected against theft.
Ohhh yes, I remember those days, what a show that was. The fact they had the audacity to tell people to stop writing hurtful things about them. 😂😂
 

roger_m

Level 41
Verified
Top Poster
Content Creator
Dec 4, 2014
3,029
This resulted in a huge campaign of Malwarebytes against iObit, detecting every single iObit product as PUP as well as begging download portals left and right to remove iObit products.
I thought that was the case too. But Malwarebytes told me that they were detecting IObit products due to them taking a much more aggressive stance against PUPs in general, rather than due to the signature theft. A number of years ago Malwarebytes started classifying a lot more apps as PUPs than they had in the past.
 

Trident

Level 28
Verified
Top Poster
Well-known
Feb 7, 2023
1,715
I thought that was the case too. But Malwarebytes told me that they were detecting IObit products due to them taking a much more aggressive stance against PUPs in general, rather than due to the signature theft. A number of years ago Malwarebytes started classifying a lot more apps as PUPs than they had in the past.
Yeah. Malwarebytes became very aggressive towards system optimisers. I don’t have an opinion on whether these should be classified as PUPs but it’s true that many of them cause a lot more problems than they solve and take up more disk space than they clean.

There was another case of optimiser stealing MB intellectual property.
 

roger_m

Level 41
Verified
Top Poster
Content Creator
Dec 4, 2014
3,029
Yeah. Malwarebytes became very aggressive towards system optimisers. I don’t have an opinion on whether these should be classified as PUPs but it’s true that many of them cause a lot more problems than they solve and take up more disk space than they clean.
They have a few articles detailing the reasons for their aggressive PUP detection. I don't agree with everything they say. For example, there are certainly some instances where driver update tools can be very useful. But on the whole I agree with them.
 

Shadowra

Level 33
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,295
Their product is garbage. It's some time since I tested it, but I have no doubt it will still be terrible.

image_2023-12-15_001832864.png

And to think I don't use a VPN :p
 

Shadowra

Level 33
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,295
Hello :)

As 2023 draws to a close in a few hours, it's time for me to take stock.

First of all, I'd like to thank you for your loyalty over the past 2 years. I never thought I'd get this far. I'd also like to thank my partners who have placed their trust in me (SerialCart, CyberLock etc).

2023 has been an eventful year for me. Ups and downs, personal worries, health problems (including the one that stopped me for over 1 month...) and so on.
I've posted the last video of 2023: TEHTRIS.

In 2024, we're back at it again, but in a different way. First, a brand-new VM with a few customizations.
I'm going to try to limit acceleration and eliminate acceleration on the URL test (I'm thinking of putting a transition on each URL detected).
The tools are changing! Gone is KillSwitch (which has become a gas factory) and hello ProcessExplorer with VirusTotal and above all a new feature: TCPView! You'll be able to see C&C connections in real time.

The introduction will also change, as I'm currently working on it (and it's very long... )

That's why the 1st video of 2024 will be out in about 3 weeks, so I can get everything right.

Once again, thank you for following me, and see you in 2024 ;)

Enjoy,

Shadowra :)
 

simmerskool

Level 31
Verified
Top Poster
Well-known
Apr 16, 2017
2,094
In 2024, we're back at it again, but in a different way. First, a brand-new VM with a few customizations.

hello ProcessExplorer with VirusTotal and above all a new feature: TCPView! You'll be able to see C&C connections in real time.
Your work is much appreciated! When you have time, will you please elaborate on your VM customizations? TCPView is a separate app from ProcessExplorer, correct? Or are they combined now?
FWIW, I noticed on my VM running processexp 17.05 that with VT lookup I'm getting "access denied", but on this VM with pe 17.04 the VT is working aok. Have you noticed anything like that?
Happy 2024
 

Shadowra

Level 33
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,295
Your work is much appreciated! When you have time, will you please elaborate on your VM customizations? TCPView is a separate app from ProcessExplorer, correct? Or are they combined now?
FWIW, I noticed on my VM running processexp 17.05 that with VT lookup I'm getting "access denied", but on this VM with pe 17.04 the VT is working aok. Have you noticed anything like that?
Happy 2024

TcpView and PE are quite distinct :)
And I don't have the VirusTotal problem :/
 
