用过VBA32和a-squared的进来一下

悠柚

VBA32的malwarescope是什么技术？而且vba报的还有oscope这两个有什么区别？

另外a2下载ik的库后，有没有ik的suspect技术，就是报suspect-codepart xx之类的

The EQs

MalwareScope™. The usage of this technology allows building automatically a single entry in the Vba32 antivirus database for a definite family of malicious programs to detect the whole existing family. Moreover the program robot forecasts the possible ways of malware evolution and allows creating "look-ahead" notes to detect the modifications that haven’t been created yet. Thus it solves one of the major issues of traditional signature search when a virus analyst has to get code of a malicious program before it is added to antivirus database. Now the program can recognize modifications by itself and detect a virus even if it has been modified by the author or a virus family has been created on its basis.

悠柚

那a2的问题谁来帮助一下

algebra

IK除了扫描器好像现在自己的GUI版本都没有启发吧

yeow5243

我也想知道

xiaochi12

IK全线停用启发，可以用旧引擎开启启发，不过查杀可能会降，因为定义精简了，旧引擎有部分读不出来

悠柚

谢谢解答
不过为什么不用启发呢？
难道是误杀太严重了？

yybcym

也许正在改进