SAS real-time protection fails - Prevx saves!

Discussion in 'other anti-malware software' started by ako, Aug 6, 2009.

Thread Status:
Not open for further replies.
  1. ako
    Offline

    ako Registered Member

    I did a small very unscientific test. I installed Superantispyware Pro, Winpatrol, Hitman pro and Prevx free. Then I started installing 5 nasty malwares. SAS was almost blind preventing only one from installing. Winpatrol and Prevx both warned of the infections.

    http://img80.imageshack.us/i/sas3.jpg/
    http://img231.imageshack.us/i/sas6.jpg/ (look at Winpatrol warning!)

    The system was soon full of pop-ups.

    http://img44.imageshack.us/i/sas5.jpg/

    I scanned with SAS, cleaned and rebooted. It could remove quite a lot, but after reboot only Prevx could run, and malware prevented all execution of other programs.

    http://img26.imageshack.us/i/sas7.jpg/

    I scanned with Prevx, put licence key, cleaned

    http://img39.imageshack.us/i/sas8.jpg/

    and rebooted. Now the PC was clean, but file associations for exe-files had not been corrected,so the system was still unusable.

    http://img401.imageshack.us/i/sas9.jpg/

    I booted to safe mode (command prompt), restored a clean system and booted. Evething was ok now! Programs could start, and Hitman pro also told system is clean. Prevx rocks!

    Ps. I've found Winpatrol very useful in my tests! SAS real-time protection seems poor,and SAS cleaning capabilities seem clearly inferior to Prevx.
    Last edited: Aug 6, 2009
  2. Retadpuss
    Offline

    Retadpuss Suspended Member

    Very interesting. Whilst the test uses a tiny number of malware samples and could therefore be seen as having little meaning, it does fit with my experience of testing. Whenever I have tested SAS on current and new malware, it has always been the worst.

    Puss
  3. ako
    Offline

    ako Registered Member


    It is also interesting that Prevx could resist killing, while SAS could not.

    P.S: Could someone french speaking look these videos on Prevx and make a summary?

    http://www.youtube.com/user/PegHorse
  4. jmonge
    Offline

    jmonge Registered Member

    did you tried the new malwarebytes againts same test and wooooo winpatrol is getting better:thumb:i also wonder what would happen if your answer for winpatrol in the alert is no,no,no will winpatrol block the malware?what kind of malware were they?thanks
  5. ako
    Offline

    ako Registered Member

    Can't test MBAM real-time, I have no key to it.

    In my tests Winpatrol sometimes blocks, sometimes queries again and again. Anyway, it is very good at telling what's going on.

    Fake AV:s, trojans.

    PS. Does anyone know how to recover file association for .exe without system recovery (see my first post)?
    Last edited: Aug 6, 2009
  6. jmonge
    Offline

    jmonge Registered Member

  7. PrevxHelp
    Offline

    PrevxHelp Former Prevx Moderator

    Our removal routines "should" have cleaned them but apparently there is some issue (just received a few reports from other users of ours about that failing aspect of cleanup as well so we will be fixing it).

    However, try renaming regedit.exe to regedit.pif and then running it and edit:

    HKEY_CLASSES_ROOT\.exe

    set the default value to:

    exefile

    and then open HKEY_CLASSES_ROOT\exefile\shell\open\command and set the default value to

    "%1" %*

    That should fix it - let me know if it doesn't, however, and I'll investigate further on this particular infection :)
Thread Status:
Not open for further replies.