About Rising Anti-Virus 2007

Discussion in 'other anti-virus software' started by aluckystar, Feb 4, 2007.

Thread Status:
Not open for further replies.
  1. aluckystar (Registered Member)
    Joined: May 30, 2006 | Posts: 66 | Location: Paris of the East

    Rising has just released the new version "Rising AV 2007".

    And Rising said that "Rising is the 3rd company (after Microsoft and VMware) in the world that has Virtual Machine technology and applies it in antivirus."

    Here is an introduction from its website:

    Virtual Machine Unpacking Engine (VUE)
    VUE minimizes resource consumption by reducing the size of the virus definition file significantly.

    What is packing?
    Packing is like placing a “vest” over the virus in order to disguise it.

    Sometimes a virus is packed multiple times. Antivirus software without strong unpacking capability cannot detect a virus, Trojan or malware under the “vests”. To solve this problem, they just identify a packed virus as a new virus by continually updating their virus definition file, or virus base. This method is resource-consuming and can never safeguard the PC indeed.

    What is Virtual Machine Unpacking Engine (VUE)?

    VUE provides a fast, efficient and high-tech solution to combat packing. A packed virus must take off its “vest” before it infects a PC. VUE creates a virtual machine system for the virus and lets it take off its “vest” automatically in this virtual system. In this way, Rising Antivirus 2007 can identify all sorts of packed viruses, minimize resource consumption, significantly reduce the size of the virus definition file and save the time consumed for everyday updates.


    I wonder whether Rising is the first antivirus vendor using this technology?
    As far as I know, there are many other antivirus programs good at unpacking; what technology do they use then? Thank you. :)
     
  2. RejZoR (Registered Member)
    Joined: May 31, 2004 | Posts: 6,426

    We used to call this "generic unpacking" but they tend to attach all kinds of fancy names instead... It's not really a new thing and a bunch of AV vendors have been using it for ages...
     
  3. Perman (Registered Member)
    Joined: Nov 23, 2005 | Posts: 2,160

    Hi, folks: I do remember Norman Virus Control using a so-called sandbox technology to contain viruses, could be very similar to this virtualization method. Who knows? Norman never got off the ground, generally speaking.
     
  4. Firecat (Registered Member)
    Joined: Jan 2, 2005 | Posts: 7,927 | Location: The land of no identity :D

    The so-called "Virtual Machine" technology was also applied in BitDefender (B-HAVE), Norman (Sandbox) and to an extent, NOD32. It is possible Dr.Web does this as well but I do not know enough about it to be sure.

    Rising AV only does this for unpacking, while BitDefender and Norman use it for heuristic analysis as well. :)
     
  5. Stefan Kurtzhals (AV Expert)
    Joined: Sep 30, 2003 | Posts: 701

    This has been done by other antivirus engines for years. And it has its disadvantages as well. First, it makes scanning of malware horribly slow (gateway scanning!). And you can trick an emulation or sandboxing, the recent breed of malware demonstrates that with every variant that is missed by the scan engines that perform generic unpacking or heuristic/generic detection with emulation.
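
Generic unpacking as described in the VUE text and in Stefan Kurtzhals's reply, as an added example that is not part of the thread and is not Rising's or any vendor's code. The four-instruction VM, the XOR "packer" and the signature are constructed for illustration; the sample is scanned raw, then again after its unpacking stub is emulated under a step budget, which is where the scanning cost comes from.

```python
SIGNATURE = b"TOY-SIGNATURE-0001"  # constructed marker for this added example, not a real signature

def pack(body, keys):
    """Wrap body in one XOR layer ("vest") per key; return (unpack stub, packed bytes)."""
    data, stub = bytearray(body), []
    for key in keys:
        data = bytearray(b ^ key for b in data)
    for key in reversed(keys):                 # one decode loop per layer
        top = len(stub)
        stub += [("mov", 0, 0),                # r0 = 0
                 ("xorb", 0, key),             # mem[r0] ^= key
                 ("inc", 0),                   # r0 += 1
                 ("jlt", 0, len(data), top + 1)]  # loop while r0 < len(data)
    stub.append(("halt",))
    return stub, bytes(data)

def emulate(stub, data, max_steps):
    """Run the stub on a private copy of data; return (memory, halted, steps)."""
    mem, reg, pc, steps = bytearray(data), [0], 0, 0
    while steps < max_steps:
        op = stub[pc]
        steps += 1
        if op[0] == "halt":
            return bytes(mem), True, steps
        if op[0] == "mov":
            reg[op[1]] = op[2]
        elif op[0] == "xorb":
            mem[reg[op[1]]] ^= op[2]
        elif op[0] == "inc":
            reg[op[1]] += 1
        elif op[0] == "jlt" and reg[op[1]] < op[2]:
            pc = op[3]                         # jump taken: skip the pc += 1 below
            continue
        pc += 1
    return bytes(mem), False, steps            # budget ran out before the stub finished

def scan(stub, data, max_steps=10_000):
    """Signature-scan the raw bytes, then the memory left behind by emulation."""
    if SIGNATURE in data:
        return "detected (static)"
    mem, halted, _ = emulate(stub, data, max_steps)
    if SIGNATURE in mem:
        return "detected (after unpacking)"
    return "clean" if halted else "undetermined (step budget exhausted)"

if __name__ == "__main__":
    stub, packed = pack(b"hdr" + SIGNATURE + b"tail", [0x5A, 0xC3])  # constructed sample, packed twice
    print(scan([("halt",)], packed))           # signature scan alone: clean (a miss)
    print(scan(stub, packed))                  # detected (after unpacking)
    print(scan(stub, packed, max_steps=40))    # undetermined (step budget exhausted)
```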
     