The end of antivirus definition updates?



Well, frankly, there has been talk of the end of definition-based antivirus scanning for years. You see, the Achilles' heel of any AV scanner is that it has to have signatures of what known viruses look like, so there will always be a reflex window, where there’s a new unknown virus that people are getting infected with before there’s a reaction from the antivirus vendors. The supposed cure for this dilemma was heuristic scanning, which was supposed to detect things that “looked” like they might be viruses. A noble goal, but along the way it has mostly proven ineffective: either too aggressive, tagging EVERYTHING as potentially viral, or barely noticeable.



There is, however, an article at pcmag.com looking at the recent worm bout and noting that several vendors detected exploit attempts without an update. Two were able to detect 6 out of 6 different attacks without a signature update. They do note that one of these also generates a large number of false positives.

I don’t know if heuristics are the answer; they need to keep improving, though, because false positives are what prompt people to disable the heuristic scanning. Further, maybe this needs to be a different class of software that analyzes 1) who is running this process, 2) is it automated or running from a user currently logged in, 3) if it’s not run by a current user, why is it running? Is it something that should run unattended? … Maybe this is something that happens at a lower level (the kernel?)
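As an added illustration (not code from the original post), the three questions above can be written as a triage rule over a process snapshot. The process names, users, the `has_session` flag and the unattended allowlist are all constructed assumptions; a real tool would read them from the operating system.

```python
from dataclasses import dataclass

# Constructed sample data: users, process names and allowlist are assumptions.
LOGGED_IN_USERS = {"alice"}
EXPECTED_UNATTENDED = {("SYSTEM", "svchost.exe"), ("backup", "nightly_backup.exe")}

@dataclass(frozen=True)
class Proc:
    pid: int
    name: str
    owner: str
    has_session: bool  # True if attached to an interactive logon session

def triage(proc, logged_in=LOGGED_IN_USERS, expected=EXPECTED_UNATTENDED):
    """Answer the three questions in order; return (verdict, reason)."""
    # 1) Who is running this process?
    owner_present = proc.owner in logged_in
    # 2) Is it running from a currently logged-in user, or automated?
    if owner_present and proc.has_session:
        return ("interactive", f"started in {proc.owner}'s logon session")
    # 3) Not run by a current user: should it be running unattended?
    if (proc.owner, proc.name.lower()) in expected:
        return ("expected-unattended", "matches unattended allowlist")
    if owner_present:
        return ("review", f"owned by {proc.owner} but has no interactive session")
    return ("review", f"unattended, owner {proc.owner} is not on the allowlist")

def review_queue(snapshot):
    """Return (pid, name, reason) for every process that needs a human look."""
    queue = []
    for proc in snapshot:
        verdict, reason = triage(proc)
        if verdict == "review":
            queue.append((proc.pid, proc.name, reason))
    return queue

# Constructed snapshot for demonstration only.
SNAPSHOT = [
    Proc(412, "svchost.exe", "SYSTEM", False),
    Proc(2210, "winword.exe", "alice", True),
    Proc(2900, "nightly_backup.exe", "backup", False),
    Proc(3188, "updater32.exe", "SYSTEM", False),
    Proc(3301, "mailer.exe", "alice", False),
]

if __name__ == "__main__":
    for pid, name, reason in review_queue(SNAPSHOT):
        print(f"{pid:>5} {name:<20} {reason}")
```

The false-positive problem moves into the allowlist: every legitimate unattended job missing from it lands in the review queue.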

Anyway, we’ll see if this is the end of definition updates (I’m not holding my breath though.)
