I was curious about how the DE-Cleaner of Symantec works, so I downloaded the software and give it a closer look. I did not dissemble it or anything similar… I simply performed a little black box testing. So, I started it without any internet connection. The result was: no scanning was possible. DE-Cleaner requires an Internet connection. This is an indication that the software is an in-the-cloud scanner. After seeing this, I searched on the website botfrei.de more details. And I found them… yes, indeed the Symantec De-Cleaner needs an Internet connection. This is why the file has the size of only 6 MB – because it contains no signatures. After allowing it to connect to the Internet through the Avira Firewall, I let it scan a folder. And the results were: MANY FALSE POSITIVES which should have been easily skipped. Let’s take one of them, which is the software I bought for preparing myself for the exam CompTIA Project+ which I took in July. I don’t know how you see it, but I find not enough infos to say that the software is suspicious. I think that the guys from Symantec have still a lot of work ahead to…
Virus Bulletin Article on Anti-Botnet-Initiative The Virus Bulletin Magazine has published an article on the anti-botnet initiative in which Avira takes part. The goal is to clean infected computers and reduce the impact of cyber criminal activities. Read the article here (.pdf, 111kb) or head over to the Virus Bulletin web site where the magazine is available as whole!
Presentation at the Anti-Botnet Initiative Presentation at the Anti-Botnet Initiative View more presentations from msorin.
The Avira Techblog published today a new article of mine about the Anti-Botnet Initiative. Immediately after, Softpedia commented on the Anti-Botnet Initiative : “While running the Linux from the rescue system, Windows is completely inactive (not as in Safe mode) so the rootkits are also not active. This is actually the only reliable possibility to detect rootkits,” Sorin Mustaca, a data security expert at Avira, explains. Nice work 😉