Not so good in Trojan Downloaders.

Discussion in 'NOD32 version 2 Forum' started by tempnexus, Jan 1, 2005.

Thread Status:
Not open for further replies.
  1. tempnexus

    tempnexus Registered Member

    Joined:
    Apr 16, 2003
    Posts:
    280
    I always hoped that Advanced Heuristics would protect me against trojan downloaders, but over the past 3 weeks I got a lot of them in my temp files and neither IMON nor AMON said a peep, even when I scanned my TEMP file with AH and the Harmful Software tick enabled.
    What found those trojan downloaders was TDS-3 and KAV with Xbases. Of course I've sent them all to Eset, but they sometimes do take their sweet time to add (during the work week it takes them about 4-5 days (1 work week) to add it).

    Anyhow, I just want the team to focus some more on Trojan Downloader Heuristic detection, since that is what mostly comes through with the new CWS and other spyware.

    Cheers,
     
  2. papadopoulos

    papadopoulos Guest

    No comparison: one of not the best dedicated antitrojans.

    ...comparing AVs with AVs indeed is a valid comparison. That said: it would be if running KAV 'out of the box' as 99,9% of all users do. Xbases is known to no KAV 'average Joe' user - let alone the question of whether Xbases work on KAV v5....

    Bottom line: don't compare apples with lemons ;)

    bono
     
  3. tempnexus

    tempnexus Registered Member

    Joined:
    Apr 16, 2003
    Posts:
    280
    OK then, according to VirusTotal:

    Panda FOUND IT
    BitDefender FOUND IT
    KAV FOUND IT
    AVK FOUND IT
    McAfee FOUND IT

    Is that enough AV comparisons?
     
  4. papopoulos

    papopoulos Guest

    Got names and a screen capture? (btw: that's not what you stated in your first post...)
     
  5. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    You can't compare that directly. The same applies to every AV. One will detect something and another will miss something. We already discussed 100% detection, so I hope that this is clear.
     
  6. tempnexus

    tempnexus Registered Member

    Joined:
    Apr 16, 2003
    Posts:
    280
    I understand, I just want to let ESET know that they should beef up their Trojan.Downloader heuristics if they want to fight the upcoming war.
     
  7. TrustNo-one

    TrustNo-one Guest

    It's why I run an AT (BOClean).. I expect my AV to find virii, but I expect my AT to find the trojans... Of course there is some overlap, but for some reason they have always been two different beasts with two different solutions..... Why? I don't know, but....

    Heck, you can't get any two AVs to find the same sets of Virii (something that is either a good thing or bad thing, depending on your perspective--everybody will find something new or they all miss something new).
     
  8. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma

    Xbases will work on KAV 5 and also Defender Pro with the KAV 5 engine. This is not speculation; I have run them on both and they work just fine.
     
  9. Optimist

    Optimist Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    90
    Not _x-Bases (Supersecure Data-bases), only _ext-Bases (Extended Data-bases) will work on KAV-Pers. 5.0.
     
  10. Big D1

    Big D1 Registered Member

    Joined:
    Aug 20, 2004
    Posts:
    68
    Using latest 5.0.227 Personal here with the extended option checked, and I do have the x-files.avc in my bases folder that was put there by KAV. My updates are current as of this posting, and the file is 27 KB. If they don't work, then I do not know why KAV would put them in my bases folder.

    Sorry to get off topic folks.
     