AV 2009 (Not being Detected)

I assume we can also send files that are NOT being Detected by CAV 3.

I zipped & submitted AV 2009 with Subject “INFECTED” and password “infected”. Does CAV also detect rogue software? Anyway, it’s off to the labs.


Here is the Report by CIMA.


Keep sending them to us pls…


I’m getting the impression that CIMA detects malware installers:

but not the malware files which are installed:


The “problem” is this.

If you have a rogue AV download, then if you try to install it, it looks like a normal application and you have to press buttons like Next and Finish.

BUT!! If the malware downloader is active, it will “pre-script” it and silently install the AV.

I’m not sure if CIMA can “play user behavior” already.

You are 100% right, Ronny. We are working on the user behaviour simulation.


So you guys can also detect rogues with this behavior simulation? I guess part of the reason is also heuristics, which you mentioned will be available in the coming months…


Yes, it will detect the tricks malware authors put requiring user interaction. CIMA already uses heuristics, but like you said, we have even better heuristics coming soon.


Yes I know Heuristics is in CIMA already. :slight_smile:

And looking forward to it!