The 10 Days of Home Edition Version 2 – No False Detections!
- Comments: 4
- Written on: February 20th, 2007
This post is the seventh in a 10-post series about the all-new version 2 of the Maintenance Checkup Home Edition (MCHE) computer maintenance software from Schrock Innovations. You can win a FREE 2-year subscription by simply posting a comment on any of the MCHE posts. Only one free subscription will be given away, so post multiple comments or questions with your valid email address to increase your odds of winning!
A major problem with many anti-malware programs is false detections. A false detection is when a program tells you a file pr process is attacking your computer when in fact it is not. Our software engineers have invested significant effort in creating systems that prevent the MCHE from making a detection mistake. Their approach was to tackle the problem from two different angles.
First, it is incredibly helpful to have as much information in our detection database as possible. That is why the MCHE learns from every piece of malware it removes. Each time a threat is resolved on your computer that has not been encountered before , the MCHE takes a fingerprint of the file or files it removes. This fingerprint is called a hash. Rather than scanning for a particular file name, the MCHE scans for these fingerprints and therefore reduces the risk of making a detection mistake.
These new hashes are stored on your computer until you complete your next update. If you are participating in the MCHE Community, these hashes are uploaded to our update server during your update and are then disseminated to all of our subscribers within 24 hours. This gives the MCHE the unique ability to learn the fingerprints on the fly and get smarter over time.
The second approach is to white list files that we know are legitimate files from legitimate programs. A white list is a list of hashes derived from files known to be legitimate and harmless. To our knowledge, the MCHE is the only computer maintenance program that uses a white list as a major component of its detection engine.
This feature is important because sometimes malware attempts to masquerade as a legitimate file. Many malware programs use explorer.exe for example the same name as a legitimate Windows file. So if the MCHE has never encountered the malware file explorer.exe, it needs a way to tell it apart from the legitimate explorer.exe that comes with Windows. This is accomplished by maintaining a hash of all files we know to be legitimate. We collect these hashes ourselves to ensure the purity of our white list.
The bottom line is that false detections are not a problem in version 2 of the MCHE, and the systems we have put into place ensure that we are constantly receiving a stream of white list hashes from the products our customers use most often.
Check back tomorrow to learn how the all-new MCHE can clean over 1 GB of file bloat off your hard drive without any fear of losing important personal files.
- If you liked this post, subscribe to my feed!
- Comments: 4