hi! when I was on the internet adware slipped through IMON due to IMON doesnt use method "Potentially dangerous files..". WHY?? NOD32 on-demand found this adware in operation memory. but why IMON,AMON,DMON doesnt use this method? I dont understand. There are requested signatures but they dont use them?? it is realy strange... is it so hard to do it??
Explain to me how can you continuously scan resident memory without major slowdowns or crashes? Sorry,but its very hard to create such monitoring.
This is why we thoroughly recommend at the very minimum a weekly scan. You can set such a commandline scan up from post number 20 here: https://www.wilderssecurity.com/showthread.php?t=37509 I have added this in post number 1 under Everything Else, item number 27, here: https://www.wilderssecurity.com/showthread.php?p=268130#post268130 Hope this helps... Cheers
Eset has recently incorporated the detection of spyware, adware and other stuff. I think they will incorporate that method into others modules soon, because EMON beta 1 and beta 2 has that option for example. Remember that AH wasn't incorporated in all modules at the sime time, however now AH is present in all modules of NOD32.
I've had IMON catch adware, so I'm pretty sure it's there.. they just don't have a huge database of adware yet.