Signatures added lately


lucas1985
January 9th, 2007, 12:30 PM
I've noticed that the newest signatures contain lots of script viruses and Unix malware. Also, there is a refinement of the anti-exploit signatures. Examples:
{QUOTE->
JS/Seeker.AO (2), JS/Seeker.B, VBS/DelFiles.C, VBS/Fav.F, VBS/Fighting, VBS/KillWin.F, VBS/KillWin.G, VBS/Pelta.A, VBS/Pelta.B, VBS/Qhost.K, VBS/Qhost.L (2), VBS/Runner.B, VBS/Small.W, VBS/Starter.E, VBS/Starter.G, VBS/Starter.H, VBS/Starter.I, VBS/Starter.J, VBS/StartPage.BE, VBS/StartPage.BF, VBS/StartPage.U
<-QUOTE}
{QUOTE->
BAT/Adduser.S (2), BAT/Agent.J, BAT/AutoRooter, BAT/Concon.A, BAT/DelAll.AK, BAT/DelAll.AP, BAT/DelAll.AR, BAT/DelAll.R, BAT/DelFiles.BA, BAT/DelFiles.BB, BAT/DelFiles.BC (2), BAT/DelSys.BB, BAT/DelTree.D, BAT/DelTree.K, BAT/DelTree.Q, BAT/DelTreeY.A, BAT/DeltreeY.A (4), BAT/DeltreeY.AE, BAT/DeltreeY.BA, BAT/DeltreeY.CD, BAT/DeltreeY.N, BAT/DeltreeY.Q, BAT/Delwin.BD, BAT/Fck.A (2), BAT/FormatA.D (3), BAT/FormatAll.AE, BAT/FormatAll.E, BAT/FormatAll.G, BAT/FormatC, BAT/FormatC.AG, BAT/FormatC.BH, BAT/FormatC.BI, BAT/FormatC.D, BAT/FormatC.S, BAT/FormatCQ.C, BAT/FormatCQ.generic (2), BAT/FormatCQ.U, BAT/FormatCQU.G, BAT/FormatCQU.S, BAT/Hornet.A, BAT/KillAV.DI, BAT/KillAV.DJ, BAT/KillAV.DK, BAT/KillAV.DL, BAT/KillAV.DM, BAT/KillAV.DN, BAT/KillAV.DO, BAT/KillAV.DQ, BAT/KillAV.DW, BAT/KillFiles.CF, BAT/KillFiles.CX, BAT/KillFiles.EM, BAT/KillFiles.EO, BAT/KillFiles.EP, BAT/KillFiles.ER, BAT/KillFiles.ES, BAT/KillFiles.T, BAT/KillFire.B, BAT/KillWin.AL, BAT/KillWin.AO, BAT/KillWin.AP, BAT/KillWin.AS (2), BAT/Masup, BAT/NoDelDir.G, BAT/PatchSystemini.A, BAT/Qhost.C, BAT/Ratty.NoDelDir.H, BAT/Reboot.C, BAT/Reboot.G, BAT/Rebooter.A (2), BAT/Renamer.F, BAT/Shutdown.X, BAT/Shutdown.Y, BAT/Small.J, BAT/Small.K, BAT/StartPage.B, BAT/StartPage.C, BAT/Subnix.A, BAT/Zapchast.AU, BAT/Zapchast.H, HTML/DellTree.A, HTML/Favadd.A, HTML/PCard.N, HTML/StartPage.C, HTML/StartPage.D, HTML/StartPage.E, HTML/StartPage.O
<-QUOTE}
{QUOTE->
BAT/Copybat.AP, BAT/Copybat.F, BAT/Interor.C, BAT/Interor.H, BAT/Interor.I, BAT/Interor.K, BAT/Interor.L, BAT/Interor.M, HTML/Exploit.Agent.C (2), HTML/Exploit.IESlice.A, HTML/Exploit.IESlice.E, HTML/Exploit.Mht, JS/Exploit.ADODB.Stream.AB, JS/Exploit.ADODB.Stream.E, JS/Exploit.ADODB.Stream.I, JS/Exploit.ADODB.Stream.J, JS/Exploit.ADODB.Stream.L, JS/Exploit.ADODB.Stream.M (2), JS/Exploit.ADODB.Stream.N, JS/Exploit.ADODB.Stream.O, JS/Exploit.ADODB.Stream.P, JS/Exploit.ADODB.Stream.Q, JS/Exploit.ADODB.Stream.S (2), JS/Exploit.ADODB.Stream.T, JS/Exploit.ADODB.Stream.U, JS/Exploit.ADODB.Stream.Y, JS/Exploit.ADODB.Stream.Z (2), JS/Exploit.CVE-2005-1790.H, JS/Exploit.CVE-2005-1790.T (2), JS/Exploit.CVE-2005-1790.U, JS/Exploit.CVE-2005-1790.Y (2), JS/Exploit.CVE-2005-1790.Z, JS/Exploit.CVE-2006-1359.Q (2), JS/Exploit.CVE-2006-1359.V, JS/Exploit.CVE-2006-1359.X (2), JS/Exploit.CVE-2006-1359.Y (2), JS/Exploit.IEPageSpoof, JS/Exploit.IframeBO (4), JS/Exploit.Phel.AV, JS/Exploit.Phel.BC, JS/Exploit.Phel.BD, Linux/HackTool.Scash.A, Linux/Rootkit.Agent.SK, OSX/Exploit.Launch.A, Perl/Exploit.Opera.A, Perl/Exploit.PunBB.A, Perl/Exploit.Stros.A, Perl/HackTool.Cgiluder.B, Perl/HackTool.Cgiluder.C, Perl/HackTool.TransRoot (2), Perl/Santy.E (3), PHP/C99Shell.C, PHP/Exploit.E (4), PHP/Exploit.Inject.D, PP97M/Exploit.Agent.A, PP97M/Exploit.Agent.C (2), PP97M/Exploit.Agent.D, PP97M/Exploit.Agent.E (2), PP97M/Exploit.Agent.F, SunOS/Rootkit.Agent.P, VBS/Agui.A, VBS/Becky.B, VBS/Bee.B, VBS/Exploit.Phel, VBS/Exploit.Phel.A, VBS/Exploit.Phel.BC, VBS/Exploit.Phel.BE (2), VBS/Exploit.Phel.BQ, VBS/Exploit.Phel.CJ, VBS/Exploit.Phel.DI, VBS/Exploit.Phel.DJ, VBS/Exploit.Phel.DK, VBS/Ikarus.D (2), VBS/Rapid.A
<-QUOTE}
{QUOTE->
BAT/Spth.Jsg.A, HTML/Exploit.CodeBaseExec, HTML/Exploit.CrashBrowser.C, HTML/Exploit.CVE2006-4777.A, HTML/Exploit.IframeBof, HTML/Exploit.Mht (9), HTML/Exploit.VML.I, IRC/SdBot, JS/Exploit.CVE-2005-1790.B (2), JS/Exploit.CVE-2005-1790.E, JS/Exploit.XMLCore.A (2), JS/Flooder.Small.A, JS/Flooder.Small.B, JS/Flooder.Small.C, JS/Flooder.Small.D, JS/Flooder.Small.E, JS/Flooder.Small.F, JS/Spth.Jsg.A (5), MSIL/Small.NAA, Perl/Small.A, Perl/Small.E, Perl/Termapp.A, Perl/Tt.D, PHP/Agent.B, PHP/Agent.D, PHP/C99Shell.A, PHP/Rst.G, PHP/Rst.I, PHP/WebShell.L, VBS/Agent.F, VBS/Ahlomon, VBS/Alien.C, VBS/Alien.F, VBS/Harasy.B, VBS/Lee.Based (6), VBS/Mill.D, VBS/Penel.A, VBS/Pica.NAA, VBS/Worlex.A
<-QUOTE}
{QUOTE->
ALS/Bursted (2), ASP/Ace.CN, ASP/Ace.CR, ASP/Ace.CS, ASP/Ace.CT, ASP/Ace.CU, ASP/Ace.CV, ASP/Ace.CW, ASP/Ace.CX, ASP/Ace.CY (4), ASP/Ace.DB, ASP/Ace.Q, ASP/Ace.X, ASP/WebAdmin.D, BAT/RA-based.C, BAT/RA-based.D, BAT/ServU-based.A, IRC/Ataka.I, IRC/Botva.A, IRC/Botva.C (2), IRC/Kanallar.I (2), IRC/SdBot (3), IRC/Small.O, IRC/Sobet.D, IRC/Zapchast (10), Java/Broxy.A, JS/TrojanDropper.Tivso.A, Linux/Bofishy.A, Linux/Php.A, Linux/Php.B, Perl/IRCBot.C, Perl/Lekbot.A, Perl/Shellbot.Z, VBS/Apok.A
<-QUOTE}

Any words from the developers (Marcos)?
Thanks.

ASpace
January 9th, 2007, 01:02 PM
So what's the problem, Lucas? :)

Marcos
January 9th, 2007, 01:05 PM
{QUOTE-> I've noticed that the newest signatures contain lots of script viruses and Unix malware. Also, there is a refinement of the anti-exploit signatures. Examples:
Any words from the developers (Marcos)?
Thanks. <-QUOTE}


We have hired a new guy specializing in scripts :)

Owner
January 9th, 2007, 01:12 PM
Very nice. Good job, ESET.

lucas1985
January 9th, 2007, 01:50 PM
{QUOTE-> So what's the problem, Lucas? :) <-QUOTE}
None, just curiosity ;)
{QUOTE-> We have hired a new guy specializing in scripts :) <-QUOTE}
Very good :) Most of them look like generic signatures, am I right?
I've read that script malware is difficult to catch using heuristics.
Keep up the good work :thumb: