PDA

View Full Version : Extra heuristics for web access protection?

viruscraft
November 23rd, 2008, 08:14 AM
When I was trying to download a software named Airplay,the alert with orange color appears.

http://club.eset.com.cn/attachments/month_0811/20081123_04cb997e4a44952f6e1eH2ADHsNF6nMn.png


But when I disable web access protection and then finish the downloading,there is no warning triggered in the on-demand scan.

http://club.eset.com.cn/attachments/month_0811/20081123_eb5169ca5bf4d4beca7fxjNIRw76E8dQ.png

Looks like it's a extra heuristics for web access protection.
Any ideas?
ASpace
November 23rd, 2008, 08:27 AM
It has been like that for quite a long time . Web and email heuristics are more sensitive than on-demand scanner ones .
funkydude
November 23rd, 2008, 08:39 AM
{QUOTE-> It has been like that for quite a long time . Web and email heuristics are more sensitive than on-demand scanner ones . <-QUOTE}

Actually they are the exact same, just that most advanced heuristics is disabled by default in the context menu on demand scan. Something I mentioned to Marcos because the settings of the context menu on demand scan should not differ from the full on-demand ones. Obviously they didn't change it.

204246
viruscraft
November 23rd, 2008, 09:56 AM
{QUOTE-> Actually they are the exact same, just that most advanced heuristics is disabled by default in the context menu on demand scan. Something I mentioned to Marcos because the settings of the context menu on demand scan should not differ from the full on-demand ones. Obviously they didn't change it.

204246 <-QUOTE}

Still no alert in on-demand scan with the highest setting(all options are checked) .
HiTech_boy is right.
Heuristics in web scanner are more sensitive.
ASpace
November 23rd, 2008, 10:20 AM
{QUOTE-> most advanced heuristics is disabled by default in the context menu on demand scan <-QUOTE}

That is not true. Here are the default settings for the Context menu on-demand scan for v3 .

204249

As you can see , AH are enabled . Actually Advanced heuristics are enabled by default on all modules and profiles except for file access on the Real-time file system protection.
Marcos
November 23rd, 2008, 11:32 AM
The web access and email protection use most sensitive heuristics. If you know a file you're downloading is 100% benign, you can disable the web access protection for a while until you download it. Alternatively you can disable potentially unwanted applications in the web access protection setup, but that's not recommended to do.
viruscraft
November 23rd, 2008, 10:59 PM
Thx for your suggestion,Marcos.
That would be better if offers a option for this extra heuristics.