Analyst's View: How to Catch a Virus

Discussion in 'other anti-virus software' started by CloneRanger, May 17, 2010.

Thread Status:
Not open for further replies.
  1. CloneRanger (Registered Member; joined Jan 4, 2006; posts: 4,833)

    http://www.pcmag.com/article2/0,2817,2363812,00.asp


    - Observations I made on the test -



    Ask the Experts


    Dangerous? Only if he runs them, which he should know how not to!


    The Sport of Malware Watching

    VMs are OK up to a point, but nothing compares to running malware on a REAL system. He should back up a fresh OS etc. install, and reload that after each test.

    PC Armor was originally launched as Spyberus by Robot Genius http://www.robotgenius.net/products/spyberus.jsp and was an early attempt at a Returnil etc type product.

    http://www.pcmag.com/article2/0,2817,2340671,00.asp

    Legacy keys are easy to delete, if you know how.


    Sanity Check

    42 no-shows at VT etc. on new malware does NOT mean they are 100% clean, and he should know that, so I will argue.


    - Apps used in the tests -


    Process Explorer = Excellent

    PC Armor = Haven't tried it, but based on above, Returnil etc. would be much better.

    InCtrl5 = Excellent

    Panda Anti-Rootkit = Quite good, but there are better ARKs

    Norton AntiVirus 2010 = Good, but not the best

    Spyware Doctor = Haven't tried it, but not that it immediately springs to mind to use it from others' opinions.

    Malwarebytes = Good


    Note - Spyware Doctor and Norton AntiVirus 2010 are both owned by Symantec, which sponsors PC Magazine that Neil J. Rubenking works for.

    What do you think about the test, and what would you do differently?
     