Trend Micro heuristic?

Discussion in 'other anti-virus software' started by Arin, Mar 31, 2007.

Thread Status:
Not open for further replies.
  1. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    Pattern Version: 4.381.00
    Release Type: New Malware Threat
    Notes: WORM_WOMBLE.AB

    March 30, 2007, 13:03:07 (GMT - 08:00)

    ---------------------
    New Virus Detected:
    ---------------------
    There are [426] new virus detected by the pattern file.
    All detailed virus names please refer to the list below.

    BKDR_AGENT.LQX
    BKDR_AGENT.LZL
    BKDR_AGENT.MBP
    BKDR_AGENT.MID
    BKDR_BIFROSE.VR
    BKDR_BIFROSE.VU
    BKDR_BIFROSE.WE
    BKDR_DELF.EHF
    BKDR_GRAYBIRD.RS
    BKDR_HEURISTI.AL
    BKDR_HEURISTI.AM

    BKDR_HUPIGON.CWH
    BKDR_HUPIGON.CXP

    This is a part of the page which gets updated with every virus pattern file update. Now the virus information page says nothing much about this bug. So is it their new heuristics or just some fancy bug named heuristik and its variants? If it's heuristics, then why don't they bother letting the users know about the feature?

    Yeah yeah, I know about the av-comparatives result, but it's a simple question, so product bashers stay out.
     
  2. Sjoeii

    Sjoeii Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    1,240
    Location:
    52°18'51.59"N + 4°56'32.13"O
    The new heuristic engine is being tested as we speak. It is being tested by a few named testers all over the world. I have to say it works great.
     
  3. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    Agreed here, also I'm one of the testers. Especially the false positives rate is very low, and I see more and more heuristic detections.
     
  4. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    That's excellent news! Well, now I remember IBK saying this a long time ago about Trend Micro's heuristics-based detection. I simply forgot it. Now I looked carefully and found some heuristic detection for trojans, dialers, packed malware and password-protected malware. So it's in the current engine version 8.320.1004. What is the version you guys are testing? What's new in that?
     
  5. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    We (currently) use the same engine, though we use custom signatures.
     
  6. mrhero

    mrhero Registered Member

    Joined:
    Jul 15, 2005
    Posts:
    297
    Location:
    Ankara , Turkey
    Hi Sputnik, on my system the new heuristics flag packed crack files as malware. But I know they aren't malware, only keygens, cracks, etc. This type of behavior is like Sophos, Quickheal and Fortinet, and not good behavior IMO.
     
  7. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    @mrhero
    True, on some more "exotic" packers it will cause false positives. Please notice that most of these packers are used on cracks, keygens, hacktools and stuff like that. So it shouldn't be any problem for most Trend Micro users.

    Though I've been in touch with the beta team regarding exe-packers for some months now, and they are working on it.
     