I'm testing AV products against zeroday malware

has anyone detected and cleaned it correctly?

 

Yes, I believe it is part of the Zeus line.

 

if its that one I've dissected it

 

I'd have to say that NOD32, and Prevx has been humbled by some of this stuff

 

Still no DefenseWall test? I'm interested in this app as I'm using the trial on my computer and if it performs well I might buy it.

 

Wouldnt a safe mode scan with nod/prevx get rid of it?

 

Hi Brad, I see that you check with HJT and Eset's SysInspecter. Do you check if anything else has been missed. The gmer ark and gmer's catchme userland ark, RootRepeal, Rootkit Unhooker and IceSword are good tools to use failing using a debugger such as WinDbg. These would cover hidden processes, services, files, registry items and connections to complete the picture so to speak if something got passed the software - with other hints and features if so technically minded.

Just a thought.

 

I'd also like to see DefenseWall tested as well as Online Armor++. I suspect both of these would block everything but it would be interesting to see the results.

 

Looks like these have been renamed and disabled with the vir extention. Perhaps NOD32 did this automatically

 

I'd like to see NIS 2010 and/or NAV 2010 tested or demonstrated, as arc1965 so well putted it ;-). It would be fun to see, if all the fuzz about it, holds water or not.


Cheers

 

Another vote for DefenseWall...

 

That's unfair towards antivirus products. Defensewall is too strong.

Seriously, what are the chances that Brad will encounter something that can breach Defensewall? 0,01% ?

 

No, it's less than that

 

Test out INNOBATE AntiVirus
http://www.innobate.com/Products/InnobateAntiVirus/Index.HTM

 

Why don't you test Antivirus 2009 ?

 

Okay, I understand what you mean now.

 

Excellent idea ! Since it's on so many machines it's popularity must mean it's rather good.

 

Please be serious. We are discussing about very important matters here.

 

You guys so funny for him to these a rouge antivirus. But there are some unknown Antivirus programs made by lesser known security software companies. This INNOBATE AntiVirus provides On-Access, on-demand resident shield against virus, worms, trojans, and malware Sounds like it can protect the system. I could test but this guy already has test rig ready to go..

I myself ran into this one last night: dologin.exe Comodo FW and Rising AV both caught this one trying to contact a ip site 71.x.x.x

This INNOBATE supports: Windows 2003, Windows Vista, Windows Server 2008, Windows XP, Windows 7
http://download.cnet.com/Innobate-AntiVirus-Free/3000-2239_4-10964882.html

 

Man I had to bail on that last review... About to fall asleep in my chair

That was some nasty stuff..

NOD32/PCTW/PrevX

 

where is comodo internet security

 

On the list

 

Test is time consuming! Add RegProt (Registry Prot) to your list, small program is lets you know what going to run or run as..) (Yes to allow No to del)

 

Hey Brad try IOBit 360 against some MW.

 

I'd like to see IOBit 360 and AVG Free ver 9.