another test:)

Of course, if you don't whitelist it, it will block it...

 

hahhahh i know

 

the last tested with the nice website looks very inocent but in real life it is a evil website

 

ROFLMAO! Anyway, Scotty has been sleeping in all cases...

 

Yes, kudos to them! Filseclab's website is uglier than theirs!

 

yeap

 

So far nod has found 11 different rogues for me.I was surprised but very happy at the same time I loves hunting them down..

 

cool good job man

 

Warklen, any peep out of threatfire when using those rogue apps?

 

i tried threatfire with the first one at the begining and in level five didnt flag nothing

 

Just tested Prevx Edge against adware away. The rogue program failed to install and was deleted.

 

cool prevx didnt catch the spyblaster before and i send them the website so they can fix it,maybe they did.

 

Havnt had a chance to test threatfire yet with one of them installed.Ive only been using it for about 2 days now.hopefully i can get a chance tonight. Ive been hearing good things about threatfire cant wait to see how it turns out..

 

Prevx Edge however, missed noadware-pro, so Joe might have to add this one.

 

oopppsssy tell the prevx team like i did with the first one(spyblaster)

 

Its an age heuristics detection, not by signature

 

what the heck is age heuristics detection?

 

Program artificial intelligence that grows with age and so a seasoned installation of the program become more clever?

 

meaning? dont get it yet sorry

 

I 've no idea, i was just joking!

 

you too need some coffee buddy i am going to make some coffee cause i really need one

 

These rogue AVs are always generally difficult to detect as some of the newer ones don't actually have malicious code in them - just annoying code/GUIs that force you to buy software because you are "infected".

That forces AV vendors to manually add each in most cases. I've told EraserHW about these new rogues so we will be detecting them shortly

Age/Spread heuristics are a metric we use at the community level to find programs which are "outliers" to the community. For instance, if a program is completely unique to that user's computer and has never been seen anywhere else before, we bump up the heuristics a lot in the database because that is a very suspicious case to have. Granted, this may cause some FPs (as we've seen) on beta software or extremely unpopular software but a majority of users use common software (Office, Adobe Reader, Firefox, IE, Windows ) so when we see something masquerading as legitimate software and it is very new, we use a different set of heuristics to block it as it is already quite suspicious.

This, in turn, allows us to systematically block polymorphic worms/trojans/viruses at a conceptual level because they don't have traits similar to known software and they are always unique.

So basically, we turn the malware author's technology against them

 

Yes, the thrill of the malware scanning was too much! I am exhausted!

 

cool explanation thanks

 

Open this link:
http://info.prevx.com/edgehelp.asp

Scroll down to 'Edge Settings > Heuristic settings and read up on it, learn how to use Edge properly, how it works
Setting everything to high would be a bit like ThreatFire on setting 5