About Rising Anti-Virus 2007

Discussion in 'other anti-virus software' started by aluckystar, Feb 4, 2007.

Thread Status:
Not open for further replies.
  1. aluckystar

    aluckystar Registered Member

    May 30, 2006
    Paris of the East
    Rising had just released the new version "Rising AV 2007".

    And Rising said that "Rising is the 3rd company (after Microsoft and VMware) in the world that had the technology of Virtual Mashine and apply it in antivirus."

    Here is some introduction on its website:

    Virtual Machine Unpacking Engine(VUE)
    VUE minimizes resource consumption by reducing the size of virus definition file significantly.

    What is packing?
    Packing is like placing a “vest” over the virus in order to disguise it.

    Sometimes a virus is packed multiple times. Antivirus software without strong unpacking capability cannot detect a virus, Trojan or malware under the “vests”. To solve this problem, they just identify a packed virus as a new virus by keep updating their virus definition file, or virus base. This method is resource consuming and can never safe guard PC in deed.

    What is Virtual Machine Unpacking Engine(VUE) ?

    VUE provides a fast, efficient and high-tech solution to combat packing. Packed virus must take off its “vest” before it infects a PC. VUE creates a virtual machine system for virus and let it take off its “vest” automatically in this virtual system. In this way, Rising Antivirus 2007 can identify all sorts of packed virus, minimize resource consumption, significantly reduce the size of virus definition file and save the time consumed for everyday update.

    I wonder whether Rising is the first antivirus vendor using this technology ?
    As I know, there are many other antivirus software good at unpacking, what technology do they use then ? Thank you.:)
  2. RejZoR

    RejZoR Registered Member

    May 31, 2004
    We used to call this "generic unpacking" but they tend to attach all kinds of fancy names instead... It's not really a new thing and bunch of AV vendors is using it for ages...
  3. Perman

    Perman Registered Member

    Nov 23, 2005
    Hi, folks: I do remember Norman Virus Control using a so-called sandbox technology to contain viruses, could be very similiar to this virtualization method. Who knows? Norman never got off the ground , generally speaking.
  4. Firecat

    Firecat Registered Member

    Jan 2, 2005
    The land of no identity :D
    The so-called "Virtual Machine" technology was also applied in BitDefender (B-HAVE), Norman (Sandbox) and to an extent, NOD32. It is possible Dr.Web does this as well but I do not know enough about it to be sure.

    Rising AV only does this for unpacking, while BitDefender and Norman use it for heuristic analysis as well. :)
  5. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Sep 30, 2003
    This is done by other antivirus engines for years. And it has it's disadvantages aswell. First, it makes scanning of malware horrible slow (gateway scanning!). And you can trick and emulation or sandboxing, the recent breed of malware demonstrates that with every variant that is missed by the scan engines that perform generic unpacking or heuristic/generic detection with emulation.
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.