I heard this in the wishlist.
But it seems everyone is having different meanings of “Advanced Heuristics”.
My Definition for it is - Code Emulation + Smart File Type Detection for Scan on Open / Created / Modified files.
What’s your definition? :
I heard this in the wishlist.
But it seems everyone is having different meanings of “Advanced Heuristics”.
My Definition for it is - Code Emulation + Smart File Type Detection for Scan on Open / Created / Modified files.
What’s your definition? :
The feature sounds well but what would be meaning of your ‘advanced heuristics’ - sth like detection of modified-eicar sample ? It’s a bit late to detect ‘unknown/new/modified variant of XXX virus’ because of scanning method. I heard, e.g. fprot uses crc virus body comparing and it can find out slight changes in the virus body.
Code Emulation has sense in trojan detection and it will be improved in next avast versions.
Did you say improved?
So it means that it exists on the latest build right now? :-\
Also, what will Alwil do in order to increase detection rates of modified variants of “x” virus? If a virus were to get changed only a byte, would Avast be able to detect it currently?
There will be a small code emulator in v4.5 I intend to use only for some win32-packers using of polymorphic engines.
Also, what will Alwil do in order to increase detection rates of modified variants of "x" virus? If a virus were to get changed only a byte, would Avast be able to detect it currently?In fact, it would not increase detection rates.
SoftwareGuy, code emulators are not all their cracked up to be. I get the Norman update newsletter and it seems every engine update fixed some bug in the sandbox engine. Those update occur about twice a month!