Main Area and Open Discussion > General Software Discussion

Heuristic Antivirus

<< < (2/3) > >>

J-Mac:
NOD32 allows you to disable their "advanced heuristics" (Threatsense Engine, Unwanted Applications, Dangerous Applications) but it still uses heuristics in its regular scanning. Which is one of the reasons I have to disable it when I download some of Nir Sofer's utilities (password-related, mostly) and immediately move them to a flash drive before re-enabling it. Exclusing these utilities doesn't seem to help this.

Actually I haven't tried it again with the latest version of NOD32; it's entirely possible that they have fixed this and I have been using this PITA protocol so long I haven't noticed. But I doubt it!

Jim

Carol Haynes:
NOD32 seems NirSoft these days (at least the version I am running doesn't seem to flag issues and I don't have exclusions listed). I used to have odd problems with some of their Password stuff in NOD32 v. 2.7 but in V. 3 it seems to be fixed. In version 2.7 I added the offending files to the exclusions list and then it didn't trouble me.

To be fair I think flagging password utilities as potential password stealers is a reasonable thing to do - at least it means someone who has the software installed without their permission will get a warning and anyone who needs to use the software should know how to get round potential warning problems.

sgtevmckay:
heuristic Only? I do not think so.

But I would look into Spybot Search and Destroy, ThreatFire, and Vipre

As for their documentation, I would suggest contacting the folks at Spybot S&D, as they have always been helpfull to me.

Good luck. :)

J-Mac:
NOD32 seems NirSoft these days (at least the version I am running doesn't seem to flag issues and I don't have exclusions listed). I used to have odd problems with some of their Password stuff in NOD32 v. 2.7 but in V. 3 it seems to be fixed. In version 2.7 I added the offending files to the exclusions list and then it didn't trouble me.

To be fair I think flagging password utilities as potential password stealers is a reasonable thing to do - at least it means someone who has the software installed without their permission will get a warning and anyone who needs to use the software should know how to get round potential warning problems.
-Carol Haynes (March 15, 2009, 04:11 PM)
--- End quote ---

I agree completely that flagging password cracking utilities is admirable. However at one time you could not even exclude them. Well, actually you could exclude the setup files but as soon as you opened a file and it created its own folder in C:\Program Files NOD32 would eat it up quickly, before you had any chance to exclude that folder or the .exe file. There are threads at Wilders about this - it seemed a new one would pop up each year for a while, without any response from Eset. Plus I wrote to Eset about this twice and never got a reply. I just got into the habit of disabling it when I downloaded them and moved them to my flash drive.

Jim

codyBane:
I agree it's nice to see password recovery tools flagged as potential viruses, I've also seen nod32 flag a lot of irc scripts and nasty bots coded for the linux bash shell while I've been downloading them for analysis onto a windows machine.

Spybot is strictly dictionary based as far as I'm aware,
and yes, you can do just a heuristic scan with nod32 - latest version for sure.  The easiest way to do so is to open up nod32, select computer scan, click on custom scan, click on setup, then on the left go to options - there you can disable everything but heuristics and advanced heuristics.

I haven't had any problems with NOD32 (viruses or annoyances with the nod32 software) in the past 2 years.  I highly recommend it.

Navigation

[0] Message Index

[#] Next page

[*] Previous page