Search found 2 matches

by TippeX
Sat Jan 10, 2015 12:48 pm
Forum: Offtopic
Topic: Изучаем ProtectionID v0.6.4.0
Replies: 3
Views: 41266

Re: Изучаем ProtectionID v0.6.4.0

yup, im the author.. and i agree the heuristics are relatively simplistic, but as i mentioned they really are just 'hints' used to reduce false positives and to avoid executing code that may not be needed (like some of the pattern scans)... we enter cat vs. mouse though with some protectors wanting ...
by TippeX
Sat Nov 01, 2014 7:59 pm
Forum: Offtopic
Topic: Изучаем ProtectionID v0.6.4.0
Replies: 3
Views: 41266

Re: Изучаем ProtectionID v0.6.4.0

actually we do use the heuristics to influence the scans... sure pattern scans are used.. pretty much everything does that but the heuristics are checked to reduce false positives.. the heuristics for example imply.. the entrypoint is not in the first section, entrypoint section is rwe, first sectio...