AV Packers support test?

Discussion in 'other anti-virus software' started by RejZoR, Apr 21, 2005.

Thread Status:
Not open for further replies.
  1. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    I know that i have seen it before,but i can't remember where. I googled for it,but no luck. Can anyone give me the link to any latest packer test or to that old one? The one where they tested several AVs against different packers?
    Thanks
     
    RejZoR, Apr 21, 2005
    #1
  2. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,886
    Location:
    Innsbruck (Austria)
    IBK, Apr 21, 2005
    #2
  3. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    I dont suppose packers are all that important if an AV has a memory scanner. If the AV does NOT have a memory scanner, one has to take its unpack support into consideration.
     
    Firecat, Apr 21, 2005
    #3
  4. Happy Bytes

    Happy Bytes Guest

    If the malware is already running in the memory it's ALREADY TO LATE.
    A trojan could just disable all the AV programs before they are even able to perform a memory scan.
     
    Happy Bytes, Apr 21, 2005
    #4
  5. quexx88

    quexx88 Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    235
    Location:
    Radnor, Pennsylvania
    Not with PG :D (bought it yesterday)

    Just goes to show the importance of a layered defense. I understand NOD32 already has good unpacking ability.
     
    quexx88, Apr 21, 2005
    #5
  6. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O
    jeps, an effective memory scanner is a continuous real time scan. to intercept the malware before its is executed..

    nod has unpacking support for upx, aspack, how many more??
    mind you nod has been able to detect many packed/repacked variants with advanced heuristics
     
    illukka, Apr 21, 2005
    #6
  7. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    This test shows archive support,not packers support.
    I need test where they compare AVs in unpacking of packers (ASPack,PKLite,UPX,PE_Compact and so on...)
     
    RejZoR, Apr 21, 2005
    #7
  8. Happy Bytes

    Happy Bytes Guest


    Rokop for instance.

    Nautilus did play around with runtime packer tests too.
     
    Happy Bytes, Apr 21, 2005
    #8
  9. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    I agree. I think Process Guard is probably the most important of my defenses.
     
    Mele20, Apr 21, 2005
    #9
  10. Happy Bytes

    Happy Bytes Guest

    PG is for sure a very nice program :D
    I use it too.
    But please let's stick to the topic.
     
    Happy Bytes, Apr 21, 2005
    #10
  11. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    Happy Bytes,do you maybe have any links to those tests? I have troubles finding those tests...
     
    RejZoR, Apr 21, 2005
    #11
  12. Happy Bytes

    Happy Bytes Guest

    i do not have the direct links, but if you google for "scheinsicherheit" you should find nautilus black 'underground' site :D
     
    Happy Bytes, Apr 21, 2005
    #12
  13. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O
    illukka, Apr 21, 2005
    #13
  14. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Oh well....considering that BD has a good unpacker and ArcaVir has decent heuristics, I may just use both...or I may give away ArcaVir :p:)
     
    Firecat, Apr 21, 2005
    #14
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...