Malware Bytes Realtime test against 1000+ recent samples

kC77

Level 5
Thread author
Verified
Well-known
Aug 16, 2021
230
Hi been testing quite a few products with the same test in the past week, 1000+ samples ran one by one in via commandline in a test windows 10 VM.... adding a few fresh samples each day.... most "AV's" fail this test, most recent BIG failures
  • Bit Defender Free (FAIL)
  • Sophos Home Premium (FAIL)
  • G-Data AV (FAIL)
  • Norton (FAIL)
  • ESET AV (FAIL)
  • Kaspersky Cloud Free (Fail)
these were all compromised (Sophos actually missed a drive wiper malware and the test VM gets destroyed in around 5 minutes (retested this a week later and it still happens)
ESET... the test pictures get cryptolockered) Even Kaspersky Cloud Free fails and malware was left running & malicious connectivity to foreign countries (detected in IDS logs) - If you are running any of the above, MAKE sure you are running a second opinion scanner

Notable Passes with 100% protection from the samples -
  • Hardened Windows defender (using configure defender in highest)
  • F-Secure Safe
  • Avast free
almost100% (mised 1 - Arcabit)


anyway I thought I'd give Malware bytes trial a go at the test this evening, and it did not disappoint, Nothing got through or ran, no IDS alerts triggered or external communication, there was an installer pop up that i just said no to... but there was no malware/ransomware etc running in process explorer, MBAM stopped it all in its tracks.

MBAM realtime passed a hard test that many other of the so called "Big AV's" fail at, so well done MBAM!! thats now 4 products that pass this test & these would be the only products (so far) I could seriously recommend.

mbam-postrun.png

gif of the test if you are bored enough! download dropbox (99mb)

well done to MBAM! you are keeping your userbase safe!
 

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,478
I had already done it (I think!) But cant find any pics etc... i seem to remember it did well, but was inconclusive as it missed a few things... Ill redo it tonight and post up later on!
And if you could test Huorong someday it would be cool too. It has so many Firewall modules and quite a strong HIPS that I really would like to see in action once again. Thanks a lot for taking your time to share the results of your tests. :)
 

Trooper

Level 16
Verified
Top Poster
Well-known
Aug 28, 2015
772
Hi been testing quite a few products with the same test in the past week, 1000+ samples ran one by one in via commandline in a test windows 10 VM.... adding a few fresh samples each day.... most "AV's" fail this test, most recent BIG failures
  • Bit Defender Free (FAIL)
  • Sophos Home Premium (FAIL)
  • G-Data AV (FAIL)
  • Norton (FAIL)
  • ESET AV (FAIL)
  • Kaspersky Cloud Free (Fail)
these were all compromised (Sophos actually missed a drive wiper malware and the test VM gets destroyed in around 5 minutes (retested this a week later and it still happens)
ESET... the test pictures get cryptolockered) Even Kaspersky Cloud Free fails and malware was left running & malicious connectivity to foreign countries (detected in IDS logs) - If you are running any of the above, MAKE sure you are running a second opinion scanner

Notable Passes with 100% protection from the samples -
  • Hardened Windows defender (using configure defender in highest)
  • F-Secure Safe
  • Avast free
almost100% (mised 1 - Arcabit)


anyway I thought I'd give Malware bytes trial a go at the test this evening, and it did not disappoint, Nothing got through or ran, no IDS alerts triggered or external communication, there was an installer pop up that i just said no to... but there was no malware/ransomware etc running in process explorer, MBAM stopped it all in its tracks.

MBAM realtime passed a hard test that many other of the so called "Big AV's" fail at, so well done MBAM!! thats now 4 products that pass this test & these would be the only products (so far) I could seriously recommend.


gif of the test if you are bored enough! download dropbox (99mb)

well done to MBAM! you are keeping your userbase safe!

Wow F-Secure doing well here. Was wondering about this suite of late. Was everything at default settings?
 

kC77

Level 5
Thread author
Verified
Well-known
Aug 16, 2021
230

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,478
Damn, that was quick. Thanks! :)
 

Anthony Qian

Level 9
Verified
Well-known
Apr 17, 2021
448
Hardened Windows defender (using configure defender in highest) will blocked almost anything unknown from running - not ideal.

F-Secure’s DeepGuard also tends to block unknown and rare softwares from running.

Based on the results, I think the samples used are quite fresh.
 
  • Like
Reactions: Kongo and kC77

L0ckJaw

Level 19
Verified
Content Creator
Well-known
Feb 17, 2018
870
Can you share the results for GDATA?
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top