Not so good in Trojan Downloaders.
tempnexus
January 1st, 2005, 01:56 PM
I always hoped that Advanced Heuristics would protect me against trojan downloaders, but over the past 3 weeks I got a lot of them in my temp files and neither IMON nor AMON said a peep, even when I scanned my TEMP file with AH and the Harmful Software tick enabled.
What found those trojan downloaders was TDS-3 and KAV with Xbases. Of course I've sent them all to Eset, but they sometimes do take their sweet time to add (during work week it takes them about 4-5 days (1 work week) to add it).
Anyhow, I just want the team to focus some more on Trojan Downloader Heuristic detection since that is what mostly comes through with the new CWS and other spyware.
Cheers,
papadopoulos
January 1st, 2005, 02:07 PM
{QUOTE-> What found those trojan downloaders was TDS-3 <-QUOTE}
No comparison: one of not the best dedicated antitrojans.
{QUOTE-> ...and KAV with Xbases. <-QUOTE}
...comparing AV's with AV's indeed is a valid comparison. That said: it would be if running KAV 'out of the box' as 99,9% of all users do. Xbases is known to no KAV 'average Joe' user - leave alone the question if Xbases work on KAV v5....
Bottom line: don't compare apples with lemons ;)
bono
tempnexus
January 1st, 2005, 02:13 PM
OK then, according to VirusTotal:
Panda FOUND IT
BitDefender FOUND IT
KAV FOUND IT
AVK FOUND IT
McAfee FOUND IT
Is that enough AV comparisons?
papopoulos
January 1st, 2005, 02:30 PM
Got names and a screen capture? (btw: that's not what you stated in your first post...)
RejZoR
January 1st, 2005, 03:30 PM
You can't compare that directly. The same applies to every AV. One will detect something and another will miss something. We already discussed 100% detection, so I hope that this is clear.
tempnexus
January 1st, 2005, 04:58 PM
I understand, I just want to let ESET know that they should beef up their Trojan.Downloader heuristics if they want to fight the upcoming war.
TrustNo-one
January 1st, 2005, 11:54 PM
It's why I run an AT (BOClean).. I expect my AV to find virii, but I expect my AT to find the trojans... Of course there is some overlap, but for some reason they have always been two different beasts with two different solutions..... Why? I don't know, but....
Heck, you can't get any two AVs to find the same sets of Virii (something that is either a good thing or bad thing, depending on your perspective--everybody will find something new or they all miss something new).
bigc73542
January 2nd, 2005, 12:04 AM
{QUOTE-> No comparison: one of not the best dedicated antitrojans.
...comparing AV's with AV's indeed is a valid comparison. That said: it would be if running KAV 'out of the box' as 99,9% of all users do. Xbases is known to no KAV 'average Joe' user - leave alone the question if Xbases work on KAV v5....
Bottom line: don't compare apples with lemons ;)
bono <-QUOTE}
Xbases will work on KAV 5 and also Defender Pro with the KAV 5 engine. This is not speculation; I have run them on both and they work just fine.
Optimist
January 2nd, 2005, 03:53 AM
{QUOTE-> Xbases will work on KAV 5 and also Defender Pro with the KAV 5 engine. This is not speculation; I have run them on both and they work just fine. <-QUOTE}
Not _x-Bases (Supersecure Data-bases), only _ext-Bases (Extended Data-bases) will work on KAV-Pers. 5.0.
Big D1
January 2nd, 2005, 04:13 PM
{QUOTE-> Not _x-Bases (Supersecure Data-bases), only _ext-Bases (Extended Data-bases) will work on KAV-Pers. 5.0. <-QUOTE}
Using latest 5.0.227 Personal here with the extended option checked, and I do have the x-files.avc in my bases folder that was put there by KAV. My updates are current as of this posting, and the file is 27 KB. If they don't work, then I do not know why KAV would put them in my bases folder.
Sorry to get off topic folks.
Copyright ©2002 - 2009, Wilders Security Forums