Malware Hub Testing

[Mariihh]

Hello everyone!
I am a huge fan of the site, mainly to see tests with various Antivirus in the malware Hub, but I have noticed that it has tester that does not do well its work, how can I believe in a test with just a snapshot? Where are the details? Test Antivirus against malware I believe that it is difficult and serious work, is not for anyone, what is the criterion used by administrators to accept anyone to test? Should not have a good knowledge in malware and have a high level here on the site to be able to be part of the team of testers? Excuse my criticism and if I am being very radical, but it is my opinion, thanks for the attention.

 

[mekelek]

could you explain what's being done wrong and how would you do it?

 

[Deleted member 65228]

The best thing you can do is ignore reviews you do not like or agree with.

I ignore all of the malware vs Anti-Virus testing reviews which are posted and there's no problem with it. Your life will become a whole lot easier if you try it out as well. The hard truth is no one is going to care about whether you like their test or not - 6 years ago on another forum (which is now inexistent) I once knew of someone who tried to help testers improve their methodology but they didn't agree with it and all it lead to was the person I knew getting into trouble.

It isn't worth it, don't waste your time.

 

[Mariihh]

could you explain what's being done wrong and how would you do it?

I'm not talking about everyone, but some.. In the 20 malware test (9-4-2018 # 20) user: L0ckJaw. His test was just a snapshot, with no details, and in the single snapshot shows 18 samples in the quarantine, where he put the total of 20.

 

[illumination]

I'm not talking about everyone, but some.. In the 20 malware test (9-4-2018 # 20) user: L0ckJaw. His test was just a snapshot, with no details, and in the single snapshot shows 18 samples in the quarantine, where he put the total of 20.

There are "seasoned testers" and those just getting their feet wet, it shows in their posts, you have to have some allowance for those just learning. The seasoned testers will include info with every snapshot, what the sample did while being dynamically tested, after execution, they list what processes that are started, what connections are established, changes to the system, ect. If you have enough knowledge about malware and it's specifics, you can follow along nicely with just the snapshots and information as all the proof you need. You also have to have knowledge of products as well, some may remove/delete a sample with no log in quarantine, then you see other moments where cleaning a file, it looks as if the malicious file is still there, but in reality, it has be neutralized.

 

[upnorth]

I once knew of someone who tried to help testers improve their methodology but they didn't agree with it and all it lead to was the person I knew getting into trouble.

That is not impossible to implement but it has all to do with the leader/owner and the staff and the sets of rules. If they don't tag along I can understand why someone could get in trouble. Creating for example mandate information windows that must be filled before a post can be created is one way among many. It's actually already today in use in some parts like the news forum.

 

[Deleted Member 3a5v73x]

Everyone starts from the bottom, as for the new AV testers here, they improve and learn over time. Instead of critising, other 'long time' testers give valued opinions for newer ones. Keep in mind, they test different AV's in MH completely for free, so they deserve some credit. I appreciate every AV result they post.

 

[Deleted member 178]

Hello everyone!
I am a huge fan of the site, mainly to see tests with various Antivirus in the malware Hub, but I have noticed that it has tester that does not do well its work, how can I believe in a test with just a snapshot? Where are the details? Test Antivirus against malware I believe that it is difficult and serious work, is not for anyone, what is the criterion used by administrators to accept anyone to test? Should not have a good knowledge in malware and have a high level here on the site to be able to be part of the team of testers? Excuse my criticism and if I am being very radical, but it is my opinion, thanks for the attention.

Testing pack of malware against a product is easy:

1- install the AV and update it
2- use processes/files monitoring tools
3- launch the malware
4- observe how the products react and what happens in the monitoring tools.

Basically, nothing much different than those "famous" Test Labs.

Finding real malware is the difficult/time consuming part...

screenshots gives enough infos to get a base opinion.

 

[harlan4096]

There are "testers" still in trial period (L0ckJaw is one of them), in fact He just starting to post now, during that trial period, He will be monitored in his posting and committed to follow the testing rules and fixed their posting

 

[L0ckJaw]

I have stopped being a AV-tester. No time anymore.

 

[L0ckJaw]

Hello everyone!
I am a huge fan of the site, mainly to see tests with various Antivirus in the malware Hub, but I have noticed that it has tester that does not do well its work, how can I believe in a test with just a snapshot? Where are the details? Test Antivirus against malware I believe that it is difficult and serious work, is not for anyone, what is the criterion used by administrators to accept anyone to test? Should not have a good knowledge in malware and have a high level here on the site to be able to be part of the team of testers? Excuse my criticism and if I am being very radical, but it is my opinion, thanks for the attention.

It was just a snapshot if you looked carefully because every sample was quarantained. What more could i do. So if you think you can do it better, be my guest.

 

[upnorth]

I have stopped being a AV-tester. No time anymore.

Sad to hear and fully respected.

 

[Deleted member 65228]

@L0ckJaw You haven't done anything wrong, please go back to testing in the Malware Hub... You do the best you can and you were new to it so even if you *did* make a mistake, you'd learn from it. Everyone starts from somewhere.

Discussions about who is good or bad at replying in the Malware Hub is just opinionated, and people will have an issue with methodology everywhere. Even I do, but once again... opinion!

I'm sure the Malware Hub community appreciated your presence whilst you were there and would love for you to return, and if it is what you enjoy doing as a hobby then you should pursue it until it is too late!

 

[tim one]

It was just a snapshot if you looked carefully because every sample was quarantained. What more could i do. So if you think you can do it better, be my guest.

My respect for your work, if you want to leave because you don't have the time it is ok but if the reason is. ... different, I think you might re-evaluate your decision.

 

[L0ckJaw]

@L0ckJaw You haven't done anything wrong, please go back to testing in the Malware Hub... You do the best you can and you were new to it so even if you *did* make a mistake, you'd learn from it. Everyone starts from somewhere.

Discussions about who is good or bad at replying in the Malware Hub is just opinionated, and people will have an issue with methodology everywhere. Even I do, but once again... opinion!

I'm sure the Malware Hub community appreciated your presence whilst you were there and would love for you to return, and if it is what you enjoy doing as a hobby then you should pursue it until it is too late!

Thanks Opcode but i dont have time. What that dude was referring to was my screenshot of Quarantained files. There was nothing more to do. Norton is super fast with updates.

 

[mekelek]

@L0ckJaw You haven't done anything wrong, please go back to testing in the Malware Hub... You do the best you can and you were new to it so even if you *did* make a mistake, you'd learn from it. Everyone starts from somewhere.

Discussions about who is good or bad at replying in the Malware Hub is just opinionated, and people will have an issue with methodology everywhere. Even I do, but once again... opinion!

I'm sure the Malware Hub community appreciated your presence whilst you were there and would love for you to return, and if it is what you enjoy doing as a hobby then you should pursue it until it is too late!

he did nothing wrong, Norton is just super fast with signatures, files didn't even land on his desktop before being quarantined.

 

[L0ckJaw]

he did nothing wrong, Norton is just super fast with signatures, files didn't even land on his desktop before being quarantined.

Thats not the reason i quit testing, have to work late and i dont want to " fast " test the AV samples. Maybe when work gets less late i will come back for testing if MT still wants me.

 

[bribon77]

Thats not the reason i quit testing, have to work late and i dont want to " fast " test the AV samples. Maybe when work gets less late i will come back for testing if MT still wants me.

respect your decision, but I must say that I would not do it better than you. I've seen you on malwarehub.
I hope to see you soon testing malwares.
Regards!!

 

[ForgottenSeer 58943]

Ugh, I looked forward to your continued testing of Norton. While I don't use Norton I do love following it and seeing it tested. Most guys seem to test the same couple of suites, I'd like to see alternative suites being tested more.

 

[illumination]

Thats not the reason i quit testing, have to work late and i dont want to " fast " test the AV samples. Maybe when work gets less late i will come back for testing if MT still wants me.

That is understandable, although i hope it is the only reason, please do not let a few opinions drive you away from it. I know the guys well enough in the Hub, that if they are encouraging you to continue, they either see potential, or you have already shown them you have what it takes to do this, and that says something in itself, and is something to be proud of.