PC Tools uses a "virtual sting" operation to nab suspected malware

SAN FRANCISCO, CA March 1, 2006—PC Tools Threat Expert—a new automated spyware/virus weapon that rapidly decodes dangerous threats has a secret weapon—it creates the equivalent of a "sting operation" to fool suspected viruses and spyware into revealing dangerous behavior.

"Most Internet security sandbox detection of suspected threats use systems that replicate the Microsoft OS," said Michael Greene, Vice President of Product Strategy. "This means these sandboxes must be constantly updated or they fail to catch suspected malware. Threat Expert's approach replicates both the hardware and software to fool these suspected threats into revealing their criminal activities."

"Imagine that a criminal is invited into a room with cash sitting on the table. Until the suspect takes the money, you don't know if he or she is a criminal. Threat Expert creates the same virtual situation for suspected viruses and spyware, nabbing them every time," Greene said.

Greene explained that typical behavior of viruses and malware is to ask questions such as: "Is there an active Internet connection?" If the answer is "no" the virus simply stops. "But our software replies: 'yes' and when the suspected malware tries to connect to a remote server to download sensitive information, Threat Expert says: "talk to me baby."

"We are able, in a matter of minutes, to decode all the dangerous threat information, create an informative report and quickly produce fixes," said Greene.

"This report can be especially helpful for organizations such as content providers and social networks concerned about protecting their users from viral threats," said Greene. "We are finding that best practices dictate that these organizations consider a solution like Threat Expert to protect users."

"For business customers this is especially important, particularly those with mission critical IT structures, who simply cannot afford down time- such as those in the financial, telecommunications, and pharmaceutical sectors." Greene added.

"A major security firm like Symantec receives more than 2,000 new viruses each month (according to the Symantec Threat Report). This figure does not include the burgeoning number of Trojans, adware, and spyware. McAfee also adds detection for around 5,000 new threats per month of which only about 30-50 get to the online encyclopedia."

"It is not that business customers don't care. In fact business IT managers want a description of every threat they can get. The problem is that even these very large companies do not have the resources to decode so many threats. Threat Expert automation is a new "paradigm." It allows a medium-sized company like PC Tools to be competitive with the largest companies in the sector. Being a fully scalable solution, customers can match their security needs buy simply buying more Threat Expert servers." PC Tools is currently offering the Threat Expert service to companies for free evaluation.

For those interested in seeing a detailed report regarding Threat Expert's evaluation of a suspected rootkit threat see: http://www.pctools.com/threat-expert/sample/report/small/

Learn more about Threat Expert at: http://www.pctools.com/threat-expert/

ABOUT PC TOOLS™

PC Tools is a global software leader with a cache of security and utility products, including the multi award-winning Spyware Doctor™. PC Tools is an industry leader in real-time anti-spyware and has a number of key patents pending.

The PC Tools Malware Research Center monitors trends and emerging spyware issues and provides security solutions for the consumer and enterprise marketplace. The company is headquartered in Sydney, with offices in San Francisco, London, Dublin, Melbourne, and Kiev. PC Tools has a global network of distributors, resellers, and retailers.