[pchelpers] Re: Has onyone heard of a virus called "BloodHounds"

Hi Scott

> EGlnl> http://www.f-secure.fi/v-descs/bloodh.shtml
> EGlnl> There is no virus known by this name to our product. Bloodhound is a
> EGlnl> generic name used by Norton Anti-Virus that it might have found an
> EGlnl> unknown virus. Sometimes this is a false alarm, sometimes a real alarm
> EGlnl> on a virus unknown to NAV.
> 
> Norton has what it calls "Bloodhound(TM) virus detection technology",
> which is basically just heuristics, but I don't think I've ever seen
> it actually work.  :)
> 
> Note that just because it detects something doesn't mean that what it
> detected is anything to be concerned about.

Yes, well almost all virus programs have heuristics nowadays but it 
seems that it doesn't really work on any of them because they are 
actually all built on programs that renounced the much better 
profile-based methods for signature-based ones as explained in this 
article i've already linked to before:
http://vmyths.com/rant.cfm?id=242&page=4

What is especially annoying in the situation of Norton calling something 
it found or thinks it found "Bloodhound" is that giving a name to 
something that one has not identified and that doesn't even exist as a 
separate entity instead of honestly saying "possible or unknown virus" 
is not only "accidentally" misleading but is blatant proof of the above 
page's claims about the dishonesty and ineffectiveness of the AV industry.

I.e. this is more of the misleading hype and nonsense that forms the 
basis of McAfee's and the whole AV industry's financial success that 
claims that an antivirus program that can name a virus is better than 
one that can identify even unknown ones. So now this has been carried to 
the absurd extreme of giving a name even to things that one can't identify.

I think i really will try out Integrity Master as soon as i get time to 
write to the author. http://www.stiller.com/intmast.htm Even if it has 
not been updated since last year, it may still be more effective than 
all other antivirus programs because these usually can't identify any 
virus they didn't first get info about in an update. And since updates 
are always a few hours behind, anyone using a year-old copy of Integrity 
Master is probably better protected than everyone else using any other 
AV program with the newest updates.

-- 

Ekhart


-- 
-------list-services-below-----------
Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig>
Freelists login at http://www.freelists.org/cgi-bin/lsg2.cgi
List archives at http://www.freelists.org/archives/pchelpers
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Latest news live feeds at http://modecideas.com/indexhomenews.htm?sig
Good advice is like good paint- it only works if applied.

Other related posts: