"Stealth virus"

Discussion in 'other anti-virus software' started by rothko, May 25, 2005.

Thread Status:
Not open for further replies.
  1. rothko

    rothko Registered Member

    Joined:
    Jan 12, 2005
    Posts:
    579
    Location:
    UK
  2. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Thanks for the link to the article. All the more reason to have some pro-active defense on a system (e.g. ProcessGuard) that does not rely on heuristics or signatures.

    Rich
     
  3. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    I don't like the usage of the term "virus". Viruses are file infectors; these days we're dealing mostly with worms, trojans, backdoors or hybrids of any of these 3.
     
  4. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    One more pointer about how heuristics and pro-active defense are an important part of security nowadays.



    tECHNODROME
     
  5. VikingStorm

    VikingStorm Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    387
    Well not so much heuristics since they apparently scan all the files beforehand... meaning it should bypass the heuristics of all the known AVs. (and since it's for money, they probably will be thorough, leaving out only a few obscure ones)
     
  6. q1aqza

    q1aqza Registered Member

    Joined:
    Jul 27, 2004
    Posts:
    312
    Another good reason to have a good imaging tool with regular system backups.
     
  7. Cn232

    Cn232 Guest

    The word stealth seems to be misleading. They don't seem to be doing anything technically special. The key is that they don't spread widely enough to appear on the radar screen of antivirus vendors.

    As for malware that is prescanned to ensure it isn't detected by any of the AVs, ATs, it's nothing new, I thought??
     
  8. CN232

    CN232 Guest

    PG actually relies on heuristics (in a broad sense), it monitors suspicious behaviour like global hooks. More importantly, the strength of PG's heuristics differs from user to user, because it ultimately depends on the user's knowledge and experience to decide what to run!

    I'm sure Rich's heuristics are far superior to mine for example.
     
  9. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Another good reason to run a limited account. Better yet, Linux or a Mac.
     
  10. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Yeah, I've been thinking of doing that. Can you still update your AV and other programs when running such an account?

    Acadia
     
  11. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi CN232,

    If PG uses heuristics, it is some of the dumbest heuristics I've ever come across. :)

    HEURISTICS - This describes a set of rules developed to attempt to solve problems when a specific algorithm cannot be designed.

    PG is rather straightforward and blunt. It stops all program executions that it can trap. Not very smart, but darn efficient. Of course, the user's "heuristics" then has to decide whether to let it execute or not. My own personal heuristics are actually pretty dumb also. I always answer NO, until I thoroughly research any new program that pops up on my screen. Nowadays, the only new software that may be legitimately introduced is security software or Windows Updates. I just cross my fingers that my Windows Updates source is "trustworthy". :)

    Rich
     