App Review Qihoo 360 and Malwarebytes 3.1.2 vs. NonPetya

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Hey thanks @Evjl's Rain!
I suspect that Qihoo used offline definitions (or cached signatures in its case) while detecting the file on execution... it displays the same name it had for the static detection, with no more info.
If it was HIPS/BB intercepting the attack, there could have been a different alert informing about the action performed by the malware, though I may be wrong here.
 
something I forgot to tell, after I disabled the internet connection, I scanned the file again, it was not detected. Then I made the video

I also suspect some kind of caching
 
Not surprised here either not been a fan of MB since version 3.0 was released. Very mediocre to say the least. :eek:
I have to agree there froggy, Malwarebytes team must be holding their heads in their hands at how dreadful their product has become.
Finding another on-demand scanner that's good nowadays is getting harder!
 
Hitman Pro, Zemana, Norton Power Eraser(free), Herdprotect(beta)
all of these are miles better in detecting anything than Malwarebytes
 
I suspect that Qihoo used offline definitions (or cached signatures in its case) while detecting the file on execution... it displays the same name it had for the static detection, with no more info.

Maybe so. This one uses EB/DP to move. Maybe Qihoo found some reason to think someone might be working offline after learning of the presence of NP so added sig.
 
Though we cannot attribute a specific behavior with the detection, that attempt to exploit SMB via EB may be a possibility here.
There can be the enumeration of connected hosts - lookup and SMB copying, attempt of remote execution and what not among the possible interception(s) at different stages...the next and main trashing functionality aside.
 
Malwarebytes team must be holding their heads in their hands at how dreadful their product has become.
Actually not. They insist that these videos are not real world tests and that in the "real world" MBAM would protect the system. Of course MB never offers proof of any protection apart from just words.
 
Qihoo is very impressive

But I don't agree with the MB bashing, they're still probably the best at PUP detection. And they certainly detect most common ransomware.
 
detect by signatures, yes, but if the ransomwares are zero-day, MB won't be able to protect
there are much better free options out there, such as appcheck and ransomoff

signatures and heuristics are covered by AVs
Also I read the official statement from MB that its anti-exploit module CAN'T block the EternalBlue/DoublePulsar exploit

for me, zemana has a slightly better PUP protection and everyone can get it for free
 
It saddens me to see Malwarebytes performing that badly in latest tests; I've been a loyal customer for almost a decade, ever since it helped me to get rid of the only nasty infection I've ever had and every other thing I tried failed (and even though that happened a long long time ago, I still vividly remember the fear and panic I felt when that rogue crap popped up on my desktop :p). It has been my favorite piece of security software for a long time.
To be honest, I don't know much about AV software testing methodology so I don't know what to make of their claims that even though they don't score high on tests, they perform well in real world situations.
 
it's because we, as home users, rarely get true zero-day malwares. We usually get a week or a few months old malwares so we are usually protected by AVs

somebody told me that his company was protected by Symantec Endpoint Protection but NonPetya infected many of the machines, although Symantec/Norton products have scored really well in MT hub tests + Symantec can protect against the EternalBlue/DoublePulsar exploit. not sure what happened