Strong Monitor of Panda

Discussion in 'other anti-virus software' started by woobook, May 26, 2006.

Thread Status:
Not open for further replies.
  1. woobook

    woobook Registered Member

    Joined:
    Oct 27, 2005
    Posts:
    131
    I have used Panda Titanium 2006 more than three months. Panda is very stronger. I don't know whether or not Panda is still using Sygate Firewall. Maybe Panda firewall is a "Application Gateway", because in Tcpview I find that all connections are established through an Internet resident proxy, Panda's "WebProxy.exe". It makes surfing speed a little slow down, because the proxy need to check each connection.

    In addition, Panda warns BOClean perform a "Dangerous action"
    I downloawed a trojan simulator to test my BOClean. It is a zip file. I extracted it then Panda pop up showing it is a trojan and asked to delect it. I chose exclusion. Then I run the trojan simulator. BOClean caught it and asked to remove. I clicked OK, A message showed me that "BOClean has encountered a problem and needs to close."
    The following is Panda's log:

    Tracking program detected 05/26/06 13:12:40
    Notified Location: c:\documents and settings\xxxxxx\trojansimulator\tsserv.exe

    Tracking program detected 05/26/06 13:12:43
    Notified Location: c:\documents and settings\xxxxxx\trojansimulator\trojansimulator.exe

    Suspicious operation 05/26/06 13:13:10
    Blocked Application: C:\PROGRAM FILES\NSCLEAN\BOCLEAN\BOC421.EXE - Operation: Deny if some application try to modify Winlogon Shell Application

    Suspicious operation 05/26/06 13:13:15
    Blocked Application: C:\PROGRAM FILES\NSCLEAN\BOCLEAN\BOC421.EXE - Operation: We deny modification of HOSTS file (C:\WINDOWS\system32\drivers\etc\hosts). We have blocked an attempt to modify hosts file.

    Suspicious operation 05/26/06 13:13:20
    Blocked Application: C:\PROGRAM FILES\NSCLEAN\BOCLEAN\BOC421.EXE - Operation: We deny modification of HOSTS file (C:\WINDOWS\system32\drivers\etc\hosts). We have blocked an attempt to modify hosts file.

    Suspicious operation 05/26/06 13:13:25
    Blocked Application: C:\PROGRAM FILES\NSCLEAN\BOCLEAN\BOC421.EXE - Operation: The Disable registry Tools, and Windows File Protection keys can't be modified by any applications. Some Malware use this key to avoid delete the keys created or modified by them.

    Suspicious operation 05/26/06 13:13:30
    Blocked Application: C:\PROGRAM FILES\NSCLEAN\BOCLEAN\BOC421.EXE - Operation: The Disable registry Tools, and Windows File Protection keys can't be modified by any applications. Some Malware use this key to avoid delete the keys created or modified by them.
     
  2. ASpace

    ASpace Guest

    Since August 2004 Panda has TruPrevent technologies - behavious analysis technologies which are much inproved in 2006 and may be they are Panda's greatest feauture. In 2006 TruPrevent not only analysis the behaviour but it also has another components . It includes:
    1) Heuristic scan
    2) Behaviour analysis
    3) Kernel policy rules

    As you can see one of the many Kernel policy rules is connected to fully protecting Windows HOSTS files . You received an error message (the program needs to close) because TruPrevent killed the process
     
    Last edited by a moderator: May 28, 2006
  3. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,040
    To bad TruPrevnet doesn't monitor Panda's marketing technique. Anyone that gives them their email to download a trial, ends up on their spam list, and spam it is. Comes from Unknownsender..... There is a thread about this on DSLreports. Wish to heck I'd seen it before trialing Panda. Stay Away if you aren't using it.
     
  4. ASpace

    ASpace Guest


    I know that very well . Don't worry :)
     
  5. woobook

    woobook Registered Member

    Joined:
    Oct 27, 2005
    Posts:
    131
    Thanks for your demonstrate.
     
  6. ASpace

    ASpace Guest


    :D You're welcome :D
     
Loading...
Thread Status:
Not open for further replies.