Mart Worou Posted January 4, 2020 Report Share Posted January 4, 2020 I've never seen malware with a detection name that would indicate that it was detected using heuristics, and I haven't found anything about heuristics on www.emsisoft.com, which leads me to wonder if Emsisoft uses them at all. Though I have seen detection names that would indicate that it is a broader, less specific signature (for example I've seen "Application.Downloader (A)" a number of times, each for different programs). Are those indicative that the file was detected by heuristics? Link to comment Share on other sites More sharing options...
GT500 Posted January 7, 2020 Report Share Posted January 7, 2020 We consider heuristics to just be another type of signature, and yes we do use them in our database, as does BitDefender. On 1/4/2020 at 9:33 AM, lucaStronks said: Though I have seen detection names that would indicate that it is a broader, less specific signature (for example I've seen "Application.Downloader (A)" a number of times, each for different programs). Are those indicative that the file was detected by heuristics? That a PUP (Potentially Unwanted Program) detection, and we use fairly generic names for them. In these cases I would believe they are not usually heuristic detections. Link to comment Share on other sites More sharing options...
Mart Worou Posted January 7, 2020 Author Report Share Posted January 7, 2020 Thank you for the reply. I take it there is no way to see if a file was detected by heuristic signatures or more specific signatures by looking at the detection name then, right? Link to comment Share on other sites More sharing options...
Elise Posted January 7, 2020 Report Share Posted January 7, 2020 Generally speaking if you see (A) or (B) behind a detection name it is a signature detection. If it is not there and the detection is not from the Surf Protection (URLs), then it usually is a heuristics detection. Link to comment Share on other sites More sharing options...
Recommended Posts