New results of Virusinfo.info for September-October 2008

You betatesting this yet public to come beta?

 

There is a topic on the KL beta forums about emulator testing, which is open to anyone who wants to test, however should not be used on a mission critical machine or by normal users due to the fact that the heuristics updates are currently beta, and therefore can cause false positives and undocumented issues while the bugs are still being ironed out.

There have been a number of new heuristic verdicts introduced and one of the main areas of focus has been web exploits, malicious scripts and downloaders the PE heuristic engine has also been updated.

New heuristic detections will be in the form "HEUR: detection" instead of the previous Heur.Trojan.Generic Heur.Invader etc..

The heuristic update should be introduced before the end of the year if there aren't any major problems discovered during testing.

 

Isn't the average survival time for heuristic/generic detections about 30 minutes these days? ...

 

I'm not the developer, but I think I can reply to that in order to clarify...

I am in agreement that generic routines are easy to bypass, but incorporating new components and modules to the arsenal take time as I am sure you realise.... routines will ofcourse be refreshed regularly via the updater once the new components have been tested. I wasn't merely talking about a generic routine being added to the existing emu but completely new module/capabilites that were not present in previous incarnations.