Spyware terminator


Drew99GT
August 23rd, 2007, 12:41 PM
Has anyone actually tested this piece of software on live infections and compared it to other products? Like real nasty malware like trojans and keyloggers (not some benign adware)?

fcukdat
August 23rd, 2007, 01:27 PM
{QUOTE-> Has anyone actually tested this piece of software on live infections and compared it to other products? Like real nasty malware like trojans and keyloggers (not some benign adware)? <-QUOTE}

I'm game, but before I go hosing my research computer can you expand on what aspect you require testing???

Scenario A: A PC that is already infected, where the software is introduced post-infection in order to act as the cleaner. This would check its detection and cleaning capability etc.

Scenario B: Its realtime protection capability, where the software is loaded+configured and then the computer is opened up to attack vectors for hostile code.

My research computer is running SP1 with NO patches/updates installed. The user has a habit of clicking on dubious file downloads and surfing the dark corners of the web. Added bonus: the PC has installed the JRE1.4.2 just so Vundo can gain entry when surfing through certain cracksites.

I can do both scenarios over 2 sessions, so what do you want first ;D

Drew99GT
August 23rd, 2007, 02:01 PM
That would be awesome! Yea, do both scenarios if you could. Could you compare to SAS Pro and Threatfire? I'm especially interested in which one has the best real time protection.

Thanks again :thumb: :thumb: for that license ;)

Tokar
August 23rd, 2007, 02:30 PM
Well I can tell you right now (working for Spyware Terminator) that detection of keyloggers will probably be poor, since our policy for keyloggers is that we don't detect commercial keyloggers since they "can" be used for legitimate purposes (monitoring company employees, or monitoring children's activity).

I think in the future this will be changed and we will detect commercial keyloggers as "riskware", software that can be a potential risk depending on how they are used.

fcukdat
August 23rd, 2007, 02:47 PM
{QUOTE-> Well I can tell you right now (working for Spyware Terminator) that detection of keyloggers will probably be poor, since our policy for keyloggers is that we don't detect commercial keyloggers since they "can" be used for legitimate purposes (monitoring company employees, or monitoring children's activity).

I think in the future this will be changed and we will detect commercial keyloggers as "riskware", software that can be a potential risk depending on how they are used. <-QUOTE}

Hey Tokar, do not panic, I have yet to experience a real-world malware infection/attack that includes commercial keyloggers.... Tr Sinowal + TR LDpinch/PSW's, now that's real-life malware with the same aim :thumb:

Just to put your mind at ease I will stick to current infections c/o Cracksite/pr0n via consensual file download (e.g. free pr0n codec/keygen etc) and exploit attacks from known bad URLs.

fcukdat
August 23rd, 2007, 02:48 PM
{QUOTE-> That would be awesome! Yea, do both scenarios if you could. Could you compare to SAS Pro and Threatfire? I'm especially interested in which one has the best real time protection.

Thanks again :thumb: :thumb: for that license ;) <-QUOTE}

SAS Pro for benchmarking, as I have not yet tested/used Threatfire although I will do in the future :thumb:

Tokar
August 23rd, 2007, 03:05 PM
{QUOTE-> Hey Tokar, do not panic, I have yet to experience a real-world malware infection/attack that includes commercial keyloggers.... Tr Sinowal + TR LDpinch/PSW's, now that's real-life malware with the same aim :thumb:

Just to put your mind at ease I will stick to current infections c/o Cracksite/pr0n via consensual file download (e.g. free pr0n codec/keygen etc) and exploit attacks from known bad URLs. <-QUOTE}

Neil from PCMag uses commercial keyloggers in his keylogger test, which is the reason for poor scores for ST and AAW2007 in this category.

Drew99GT
August 23rd, 2007, 03:20 PM
That's just stupid! Why not use some real world malware that logs keystrokes?

fcukdat
August 23rd, 2007, 03:28 PM
{QUOTE-> Neil from PCMag uses commercial keyloggers in his keylogger test, which is the reason for poor scores for ST and AAW2007 in this category. <-QUOTE}

SAS as well.... shame Neil doesn't go and get his test PC hosed out with Delf, but then that requires more specialized/advanced observation and recovery.

This is where my methodology and sources differ. I use current (not VX or archived) malwares & subsequent infections. These are the real-world threats faced and not some inactive 1997 sub-seven trojan stored in c/Virus samples folder (as seen by certain testing/reporting houses).

I hope this meets with your approval :)

Drew99GT
August 23rd, 2007, 03:30 PM
fcukdat, how well does SAS Pro do in real time protection?

fcukdat
August 23rd, 2007, 06:28 PM
Hi Drew99GT/Tokar

Initial update... This is going to take a while to correlate data, I will probably not have the time until next week to see this through. Thanks for your patience :thumb:

Drew99GT
August 23rd, 2007, 07:32 PM
No problem. Thanks for testing! So compared to other software you've tested, how does SAS Pro do in real time? (do I sound like a broken record!!!)

EliteKiller
August 23rd, 2007, 09:34 PM
An interesting read :)

An informal snapshot of virus-detection rates on some fresh real-world malware (http://forums.anandtech.com/messageview.aspx?catid=76&threadid=2084972&enterthread=y)

aigle
August 23rd, 2007, 09:43 PM
{QUOTE-> Hi Drew99GT/Tokar

Initial update... This is going to take a while to correlate data, I will probably not have the time until next week to see this through. Thanks for your patience :thumb: <-QUOTE}

I wish you could do a small set of testing for famous AS applications to let us know the reality.
Sure it might need a lot of time!

Tokar
August 24th, 2007, 01:35 AM
{QUOTE-> SAS as well.... shame Neil doesn't go and get his test PC hosed out with Delf, but then that requires more specialized/advanced observation and recovery.

This is where my methodology and sources differ. I use current (not VX or archived) malwares & subsequent infections. These are the real-world threats faced and not some inactive 1997 sub-seven trojan stored in c/Virus samples folder (as seen by certain testing/reporting houses).

I hope this meets with your approval:) <-QUOTE}

Indeed it does.