Saturday, February 13, 2010

Another report of a missed detection on the Malwarebytes forum: http://forums.malwarebytes.org/index.php?showtopic=39902

The malicious URL in question is http://www.chinchadenoche.com/cgl-bin/cholin/dedicacion.exe

With all detections in NIS2010, you first get a very informative Norton Insight dialog.


Most users will choose not to run the malware. But even if they do, the second proactive layered protection component, SONAR, kicks in and kills the threat. Once again, just a reminder, there are NO SIGNATURES AT PLAY here. All of this detection is zero day.



Download missed by MalwareBytes


Another posting on the Malwarebytes forum about a missed detection: http://forums.malwarebytes.org/index.php?showtopic=39904

The malicious URL is http://www.compregames.com/files/cx2.exe

SONAR detection, no signatures required!





Another missed detection by MB

Another Malwarebytes customer complaining about a missed detection: http://forums.malwarebytes.org/index.php?showtopic=39905

And SONAR detects it without any signatures.

Another missed MB detection

Another missed detection on the MB forums


The malicious URL is http://lyndaporfiri.dreamstation.com/

Of course SONAR detects it, no problem.

Another missed MalwareBytes detection


The malicious URL is http://l3-antispyware-defence.com/download.php?id=436

Detected by SONAR:


Malwarebytes Missed detection

There is a lot of buzz about how MalwareBytes is able to detect threats that other large vendors, including Norton, miss. That is a joke. Here is the fact: MalwareBytes detects 2000-odd threats that other vendors miss. Norton and other vendors detect MILLIONS of threats that MalwareBytes misses. So if you do away with your Norton product and rely on a free product like Malwarebytes, you are taking your life into your own hands.

I started looking into these so-called reports of threats missed by Norton that Malwarebytes detected. The first thing to realize is there is no one product called "Norton". Every Norton product is different, and when discussing the protection capabilities of Norton products you must look at the latest version of the consumer product, Norton Internet Security 2010.

In this series of posts I will look at various samples posted on the MalwareBytes forum that their product missed, and test how those samples will fare against NIS 2010 ON THE SAME DAY that they were posted. This is important in order to provide a level playing field; we don't want to give Norton even a day's time in order to add a definition for it. We are looking solely for SONAR, aka heuristic, detections.

Here is the first one.


Norton detection: