Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Malwarebytes and HitmanPro vs some Worms
Message
<blockquote data-quote="cruelsister" data-source="post: 446757" data-attributes="member: 7463"><p>Radar- Generally speaking some companies have made changes shortly after a video was posted. Sandboxie was one that closed a hole that was demonstrated within 36 hours, Shade did virtually the same thing withing 24. A certain ani-ransomware application that I did a couple of hatchet-jobs on made some changes (like putting out anew builds and changing the advertisement on their webpage), but eventually made what was a paid application free and now seems to have ceased development of it. I'd like to think that the Emsisoft announcement (which is the only one so far that is Scriptor specific) was a reaction to my video of a few months ago that showed EEK also lacking but that may be going to far.</p><p></p><p>I really feel that the lack of effectiveness of a given product in detecting Scriptors is tied to their reticence to be viewed as a False Positive factory. Things like VB scripts are used routinely and legitimately all the time, and trying to distinguish between legitimate and malicious is somethings difficult- but as Emsisoft is telling us, not impossible by any stretch.</p><p></p><p>User- Thanks for spreading the word on the forums!</p><p></p><p>Doc- As I stated, although the samples aren't zero-day they aren't that old either; and i believe MB has made improvements in keeping definitions in their database for a longer period (used to be about 2 years if memory serves). But this quote is disturbing:</p><p></p><p></p><p></p><p>If that is indeed the case (and I suspected a response like this which is why the video starts out with the MB webpage) they should change advertising to reflect this.</p><p></p><p>And finally to Rajat- Power Eraser is of absolutely no value for Scriptors (trust me).</p></blockquote><p></p>
[QUOTE="cruelsister, post: 446757, member: 7463"] Radar- Generally speaking some companies have made changes shortly after a video was posted. Sandboxie was one that closed a hole that was demonstrated within 36 hours, Shade did virtually the same thing withing 24. A certain ani-ransomware application that I did a couple of hatchet-jobs on made some changes (like putting out anew builds and changing the advertisement on their webpage), but eventually made what was a paid application free and now seems to have ceased development of it. I'd like to think that the Emsisoft announcement (which is the only one so far that is Scriptor specific) was a reaction to my video of a few months ago that showed EEK also lacking but that may be going to far. I really feel that the lack of effectiveness of a given product in detecting Scriptors is tied to their reticence to be viewed as a False Positive factory. Things like VB scripts are used routinely and legitimately all the time, and trying to distinguish between legitimate and malicious is somethings difficult- but as Emsisoft is telling us, not impossible by any stretch. User- Thanks for spreading the word on the forums! Doc- As I stated, although the samples aren't zero-day they aren't that old either; and i believe MB has made improvements in keeping definitions in their database for a longer period (used to be about 2 years if memory serves). But this quote is disturbing: If that is indeed the case (and I suspected a response like this which is why the video starts out with the MB webpage) they should change advertising to reflect this. And finally to Rajat- Power Eraser is of absolutely no value for Scriptors (trust me). [/QUOTE]
Insert quotes…
Verification
Post reply
Top