Good morning... Today, I'd like to make some suggestions to the Malware Vault testers. Even if I have stopped testing there for a long time, there is still something I'd like to say to help the testers. In my opinion, everyone should provide a screenshot of the security product version and update (not all testers do this). The update is the most important: we are humans and we may forget to update the signatures. Even if it's really rare to forget that, it should be provided. My second suggestion is about the second opinion scanners usage. In my opinion, if all the samples don't even touch memory and are quarantined by the product, there is no point in doing that. For example, let's say that a tester is using Avira free on a malware pack of 10 items. 4 are detected by local signatures and 6 are blocked on execution by the cloud. At this point, there is no need of a second opinion scan. The same could be said for VoodooShield, COMODO (if set at default-deny, without the sandbox) and avast hardened mode (even if HM doesn't quarantine the sample, that would be the unique left-over) and all products which with a similar mechanism, or that statically detect all samples. Second opinion scanners are more than welcome when a behavioural blocker removes a sample (there may be left-overs). Let me know your thoughts about this Regards..