On 2014-10-31 20:33, Dustin wrote:
> Virus Guy wrote in
> news:m319ak$kuh$1@speranza.aioe.org:
>
>>> because of the packer used is pretty lame ...
>>
>> Yet it's clear by these and other papers that the AV/AM industry
>> relies heavily on packer characterization as a primary method of
>> malware detection.

I'd prefer my AV to detect it through code emulation, but I admit that I
did delete files (keygens and whatnot) that were flagged because of the
packer. I don't need the risk; nowadays I can just buy whatever program
it is that I have a flagged keygen for...

> It can be considered a heuristic activity if the packer isn't known
> to be used for mainstream, but is used for protecting malware. Some
> packers are only developed for that purpose. I have no issue with
> software that locks onto them.
[snip]
>> It is however clear that for the moment, a bullet proof Antivirus
>> solution is still yet to come despite the significant advances
>> that some of these solutions have made.
>
> yet to come is false hope. :)

I agree.

Best Regards,
--
! _\|/_ Sylvain / B00ze64@hotmail.com
! (o o) Member-+-David-Suzuki-Foundation/EFF/Planetary-Society-+-
oO-( )-Oo JUMP! - One hundred thousand Lemmings can't be wrong.
--- NewsGate v1.0 gamma 2
* Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)