Advanced heuristics update

Right now, my NOD32 shows AH module build 1.024 (20060108 ).

 

NOD32 antivirus system information
Virus signature database version: 1.1357 (20060109)
Dated: Monday, January 09, 2006
Virus signature database build: 6582

Information on other scanner support parts
Advanced heuristics module version: 1.024 (20060108 )
Advanced heuristics module build: 1097
Internet filter version: 1.002 (20040708 )
Internet filter build: 1013
Archive support module version: 1.040 (20051222)
Archive support module build version: 1142

 

NOD32 antivirus system information
Virus signature database version: 1.1358 (20060110)
Dated: Tuesday, January 10, 2006
Virus signature database build: 6591

Information on other scanner support parts
Advanced heuristics module version: 1.024 (2006010
Advanced heuristics module build: 1097
Internet filter version: 1.002 (2004070
Internet filter build: 1013
Archive support module version: 1.040 (20051222)
Archive support module build version: 1142

Information about installed components
NOD32 For Windows NT/2000/XP/2003/x64 - Administrative tools
Version: 2.51.8
NOD32 For Windows NT/2000/XP/2003/x64 - Base
Version: 2.51.8
NOD32 For Windows NT/2000/XP/2003/x64 - Internet support
Version: 2.51.8
NOD32 for Windows NT/2000/XP/2003/x64 - Standard component
Version: 2.51.8

Operating system information
Platform: Windows 2003
Version: 5.2.3790 Service Pack 1
Version of common control components: 5.82.3790
RAM: XXX MB
Processor: Intel(R) XXXX(R) CPU X.XXGHz (XXXX MHz)

 

ok, ok! No need to post the same thing! It's important to know what kind of updates are these?? For some new type of malwares, or what? If this is not a secret!

 

New AH detected one false positive on my system. The file is Update.exe and is a part of Index.dat Suite:

http://support.it-mate.co.uk/?mode=Products&p=index.datsuite

 

Well, this program deletes some files from your system and perhaps that's the problem.
But you can't know for sure if the file is detected due to the new AH. Perhaps it was detected before, also.

Edited: Well, I've checked the file on www.virustotal.com and I think it's a FP. Only NOD32 detects it. And the program seems to be trustful.

 

Yes, I checked a while ago and only NOD detects it. But for sure this file was not detected before (I have it from May 2005 on my computer).

 

Yep, it seems to be a false positive and we'll remedy it shortly.

 

A new method has been developed by Eset to offer proactive detection
for rootkit threats.

According to Eset´s chief software architect Richard Marko,
the technology is very effective with a detection rate, in
internal tests, of up to 90%.

A rootkit is a special type of malware able to hide its
presence in infected systems, and thus escape detection.

Current rootkit protection methods work reactively - on the basis of
signatures. Therefore it is necessary to keep anti-virus systems
up-to-date. However, when releasing the detection signatures, usually
a
portion of users will have already been exposed to a new
infiltration.

In the case of rootkits an additional system scan with updated
signatures may not reveal a hidden threat - rootkits are able to
render themselves "invisible". Users of rootkit infected systems may
thus have a false sense of security because their updated
anti-virus system did not detect the presence of a rootkit.

Under such circumstances it is obviously important to
prevent a rootkit infiltration in the first place. Which is where
proactive detection plays a vital role, allowing the detection
of unknown rootkits with high probability.

"Rootkit detection is based on the new generation of intelligent
signatures, which is a part of the ThreatSense technology.
This detection method is implemented in our technology in a
revolutionary way," said Richard Marko.

Proactive Rootkit detection is added automatically through a
component update - so all NOD32 customers will benefit from
this new technology immediately.

 

Thx, NOD32_user

 

New AH detected one false positive on my system. The file is Update.exe and is a part of Index.dat Suite:

well this is real not good. nod32 already have some false positive in their signatures, now will they have also false positive on their Threat Sense Hive, oh this sucks!!!

 

To expect the heuristics to 100% recognize only the real malware is nothing but utopia.

 

too many unregistered guys here! And they state only useless things!

 

This seems like pretty useful information to me. He gives specific information about a particular file that is flagged as a false positive. How is that useless?

Unregistered users are always welcome here, as long as they have something to say.

 

When will be this new proactive defence against rootkits avaliable for update?

 

There was another heuristic update...

Information on other scanner support parts
Advanced heuristics module version: 1.025 (20060110)
Advanced heuristics module build: 1099
Internet filter version: 1.002 (2004070
Internet filter build: 1013
Archive support module version: 1.040 (20051222)
Archive support module build version: 1142

 

Very nice update

 

Is this the one with the new rootkit detection??

 

Yes, it seems.... have a look http://www.eset.sk/en/company/eset-has-a-technology-against-rootkits

 

That's very interesting. : )
To bad NOD32 can't detect installed Rootkits, but hope it will come in v.3 : )

 

It was not him giving information on FP but me.