About this virus...by Danny

About this virus...by Danny


[ Follow Ups ] [ Post Followup ] [ Forum ]

Posted by joe marzi (Ranked 20 on 3D Ultra Cool Pool Rotation (WON) Ladder) on March 21, 2006 at 15:16:17:

Hello everyone.
I want to make a statement in what has been said here regarding Pauth and so called New_Heur_PE virus detected by Ubetter.

First of all, what Ubetter hasn't told the people around here, is that only the NOD32 anti-virus detects this file (Pauth.exe) as a suspect file, hence called New_Heur_PE. Other anti-viruses don't detect it as being a virus or worm, or being part of one.

Second of all, what Ubetter didn't knew, NOD32, like other anti-virus programs, uses a so called Heuristic Method to find viruses. When it uses that method, it may or may not detect a virus. Surprisingly, Pauth wasn't infected with a virus, but it's a New_Heur virus to NOD32, that means NEW virus detected by HEURISTIC methods. It means NOD32 said actually it might be a virus, but if it's that the case, the program didn't recognise it as an existing virus, signaling only it might be a NEW virus.

Third of all, and last, i'd like to quote the producers of the NOD32 anti-virus, who described and explained the Heuristic method to find a virus.
Quote: "The Heuristic level settings enable you to set the extent of using the NOD32 heuristic method in virus detection. It is recommended to use the Standard level of heuristics, because selecting the Deep heuristics may cause false positive alarms."
The source of that quote:
http://u4.eset.com/manuals/xmon_man_en.pdf

Now, the explanation: i was using NOD32 as Ubetter did, testing the Standard level of heuristics, and it didn't detect Pauth as a virus. When i tried the Deep heuristics level, i got the same result as Ubetter, that Pauth is infected with a so called New_Heur_PE virus. As it states clear by the quote above, the Deep heuristics level could cause false positive alarms, like it did for the Pauth application, calling it a new unknown virus.

So, my advice is to use trustfully the Pauth application, and i hope my long message cleared a few blurred minds about the so called virus found on it.

Thank you for reading it all the way.
Fair games everyone!


Follow Ups:



Post a Followup

Ladder:
or Ladder Path:   
Ladder Name:
Password:
Password saved if checked

Subject:

Comments:

Optional Link URL:
Link Title:
Optional Image URL:


[ Follow Ups ] [ Post Followup ] [ Forum ]


Copyright Policy

Copyright 1996 - 2024 Case's Ladder / Thulium Software, LLC. All Rights Reserved.