Jump to content

Malware Blocker

  • Posts

  • Joined

  • Last visited

Everything posted by Malware Blocker

  1. I said I was leaving but I got a notification from this post so I may as well reply. 1) I deny "spamming" because I wasn't in trouble for posting status updates or for creating threads for the videos. I also did ask for some tips on growth - like every small Youtuber does at some point (you won't understand fully until you do Youtube yourself). I have no idea where the staff member possibilities of making money thing came from because I honestly never remember doing that. I didn't enable monetization or set up affiliate links until after I left MT I believe (or towards the very end of my time at MT). 2) Yes I download a decent number of samples from Hybrid Analysis & Malshare (individually yes) & combine them with a pack (NOT from Virussign). There are multiple services that offer pre-packed samples - Virussign is one of the worst ones due to it's high FP rate. The service I use doesn't contain false positives & it does contain new variants of previous Ransomware files for example (some of which aren't even uploaded to VT at the time of making videos). The service I use seems to create packs of malware from a group of people who submit new variants of samples & then makes packs with around 100 samples in. 3) No it's not ok to misinform users, but the point is that in a way all tests are misinforming users - take a look at the 100% scores on AVTest or AVComparatives & that's misinforming users much more than I am. People need to accept that a 100% score in a test doesn't carry to the real world. 4) Several people here have brought statements out of thin air which are completely false. One of which is that I use Virussign for packs (which I don't & you seem to be ignoring me) & another is that I thought this was a bad result, etc - which it isn't particularly. Since this seriously will be the last message I hope you can believe me when I state that I am not using Virussign for packs & that I am not trying to misinform users. I get requests to test these products, I myself am not even interested in creating these video tests or testing products like this whatsoever. At this point in time I am literally just making these tests to keep people happy. I also accept that there are things I could do better, but I seriously don't want to be wasting any more of my time than I already am. As for Youtube traffic (which you mentioned in one of your earlier posts) I really don't care for traffic atm & I have actually deleted over 40 videos & made 34 videos private because I was unhappy with the age + quality of those videos. If you do not believe me then here is an example screenshot of just a few (please see attached). My point being that I've made some of my higher viewed videos private & I've even deleted some of the highest earning videos (for ad revenue). If I was in it for the money then I would never have made this change & my ad revenue would be over £30 a month higher. I am considering deleting the channel completely or just not making AV test based videos anymore & have been for a while before this thread appeared. Thank you for all the feedback.
  2. Final point before I will leave because I'm clearly not making any progress. All tests of AV products are flawed - it doesn't matter if it's done unprofessionally or professionally. Obviously professional tests can provide more accurate results (although 100% scores are unrealistic) & the tests performed are of greater quality - this is why companies like AVTest & AVComparatives charge AV vendors money to have their products tested. The truth is that nothing can emulate a real environment because they are all different - you need to take every test of these types of products with a grain of salt as you like to say. To be honest I thought it was obvious that you needed to take tests like these with a grain of salt, but perhaps to a lot of people it isn't for some reason.
  3. 1) I believe I enabled detection of PUPs in the installer. 2) kmspico is riskware - it's an activation tool for Windows that can be used illegally - lots of AV vendors detect it as unsafe. 3) I never said not to change the settings? I test of default settings because normal users with limited computer knowledge are unlikely to tweak any settings. Please do not bring false information into this conversation. 4) Some Chinese & foreign products can be considered PUPs or adware - they can bring pop ups & unwanted extras. ESET is a product designed to prevent harm coming to the computer - this includes adware because it brings annoyance to the user & can slow the system down, etc. 6) I do know what Hips is & Avira Free does have settings:
  4. I have read all of your points & here is my reply: 1) I was a member of MalwareTips & then a staff member tried to insult me via DM for asking him a question so I decided to leave. I was not banned, I was warned several times for posting videos in the wrong place on their forum, but there's a section there where you can advertise your videos (it's allowed on their forum). The last point here is completely false when did I discuss revenue with another Youtuber? 2) That's great, but I swear on my life that none of those samples are from Virussign - if you don't believe me then fine, but I am telling the truth & you clearly are ignoring my statements because you dislike me. I haven't used any Virussign samples since starting this channel in 2016 - most of them are from Hybrid Analysis & Malshare for example. 3) To be honest I really have no reason to continue doing Youtube when it all brings is unfair criticism from people like yourself - you are ignoring all my replies for some reason & not believing that anything I am saying is true. They don't misinform users anymore than AVTest or AVComparatives who shows AV products getting 100% in tests - which they are not capable of getting in the real world. 4) I also like ESET & I don't understand where you got the idea that I dislike the product? It's in my top 5 Paid AVs list!
  5. I wouldn't say it was a bad result. It detected a lot of files in the scan & the leftover files were PUAs/PUPs & crack/hack tools - which some will say shouldn't be detected or included. But a lot of cracks/hacks are detected & then if it's reported as a false positive the detection won't be removed because it's a program that can be used illegally (some vendors will change the detection name to riskware though). In terms of URLs I shouldn't worry because those were really new phishing links.
  6. Hi Marcos, yes the phishing links used were new & most likely undetected by most vendors (but in other tests using the same phishing link source I've seen products like Kaspersky do much better & I collect the links about 5 minutes before recording). PUAs/PUPs aren't exactly false positives in every case as I'm sure you know, but if the samples are being detecting by other vendors then why not detect it unless you have a different policy on PUAs/PUPs & hacktools, cracks, etc. PUAs/PUPs aren't malicious always, but the point is that they get detected because they cause annoyance to the user - eg. popups (adware), running at startup. I see no reason to remove these sorts of files from the test set when regular users are possibly going to run into these types of files which they should be protected against. I agree that malware can be downloaded via scripts, email, etc. But the reality is that users do download malware from all sorts of places - you can look for game hacks & end up downloading a trojan. You could be looking for a crack & get a keylogger or stealer. The second opinion scans are there to detect things the product has missed - if something is detected in HitmanPro for example then it should be detected by the product in most cases because other vendors like Kaspersky have detected that file. I hope you can agree & please do not take this as an insult in anyway - I am just giving my stance on the situation.
  7. Several things: 1) I am not concerned with Youtube traffic & I spend my time creating these videos to inform other people. 2) Yes my methodology is flawed because I don't have the time nor resources to have fully realistic testing methodology. 3) I don't use malware from Virussign so please don't spread the word that I do...I use samples from several sources including Hybrid Analysis, Malshare, VirusShare, etc. 4) Next thing, no I don't rename files themselves, I download the samples individually or as ZIP files created by others & then change the file extensions usually from .bin to .exe. 5) On top of all the other time spent creating a video you expect me to execute every sample? I don't have the time to do that, I am not unemployed & I do have other activities going on in my life. 6) If I am downloading the samples individually I do upload them using the VirusTotal uploader to VirusTotal & check the first submission date for each sample. If I am using samples in packs provided by other people then I just have to trust that what they say is accurate as once again I don't have the time to check each .exe file. 7) That's correct I don't take the time to "learn the product" because again I don't have that time. A key thing to note is that normal users don't necessarily take the time to learn the product either - lots of users install the product & leave it alone because they just want protection. That's why I do the tests on default settings. I agree with you that my methodology is flawed, if you think you can do better then feel free to join the Youtube community & start uploading tests yourself. I don't have the resources nor time to "test correctly" as in test with tremendous accuracy & I don't understand how you can expect someone like myself to have that much free time to spend. Finally, as a message to the moderator reading this - none of what I have written above is intended to be offensive or insulting towards anyone on this thread, I am simply trying to correct this person's comment because he appears to have just plucked random information out of thin air (eg. that I use VirusSign for samples).
  • Create New...