For those thinking that CIS 3.8 only has packer detection for heuristic..

I sometimes see posts claiming that the heuristic part of CIS only scans for packers… :slight_smile:

Today I found out that that's not true… :smiley:

Those are FPs but still…

http://img13.imageshack.us/img13/9631/lamepackerna.jpg

It's a “proof” that it also scans for “suspicious attributes”, whatever that is… Ofc this is probably nothing compared to the CIMA heuristic we will see in 3.9… But I think it proves that CIS 3.8 is über cool… =) ;D ;D

I’ve never seen a single such detection (but have seen a bunch of those that are packer related) to date, so this doesn’t really change my point of view on this. Packer detection should be optional anyway.

C:\Program Files\Spybot - Search & Destroy>attrib

A SHR I C:\Program Files\Spybot - Search & Destroy\GKGKMMPLYGESI.scr
A SHR I C:\Program Files\Spybot - Search & Destroy\GWFULHYW.scr
A SHR I C:\Program Files\Spybot - Search & Destroy\HWUVYYTFVG.scr
A SHR I C:\Program Files\Spybot - Search & Destroy\IBFHTQVEINXTNDN.scr
A SHR I C:\Program Files\Spybot - Search & Destroy\JJKFPLEANSPZG.scr
A SHR I C:\Program Files\Spybot - Search & Destroy\LFLYOM.scr

Archive, System, Hidden, Read-Only bits are set for these.
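As an added example (not part of the original posts, and not CIS's actual heuristic, which the thread does not describe): a small triage script that parses `attrib` output like the listing above and flags directly executable files carrying both the System and Hidden bits. The extension list, the S+H rule and the two lines marked as constructed are assumptions made for illustration.

```python
import re
from pathlib import PureWindowsPath

# Assumption: extensions Windows executes directly (not a list taken from CIS).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".dll"}
# The path column starts at the first drive-letter or UNC prefix.
PATH_START = re.compile(r"(?:[A-Za-z]:\\|\\\\)")

def parse_attrib_line(line):
    """Split one `attrib` output line into (set of flag letters, path)."""
    m = PATH_START.search(line)
    if m is None:
        return None
    # Everything before the path is the attribute column; spacing varies.
    flags = set("".join(line[:m.start()].split()).upper())
    return flags, PureWindowsPath(line[m.start():].strip())

def flag_hidden_system_executables(lines):
    """Return (file name, sorted flags) for executables with both S and H set."""
    hits = []
    for line in lines:
        parsed = parse_attrib_line(line)
        if parsed is None:
            continue
        flags, path = parsed
        if {"S", "H"} <= flags and path.suffix.lower() in EXECUTABLE_EXTS:
            hits.append((path.name, "".join(sorted(flags))))
    return hits

SAMPLE = [
    # Two lines from the listing in the post above.
    r"A  SHR  I    C:\Program Files\Spybot - Search & Destroy\GKGKMMPLYGESI.scr",
    r"A  SHR  I    C:\Program Files\Spybot - Search & Destroy\LFLYOM.scr",
    # Constructed contrast cases: a plain executable and a hidden non-executable.
    r"A            C:\Program Files\Example App\example.exe",
    r"A  SH        C:\Users\Public\Desktop\desktop.ini",
]

if __name__ == "__main__":
    for name, flags in flag_hidden_system_executables(SAMPLE):
        print(f"{name}: attributes {flags}")
```
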

On every AV or just CAVs? ???

In every, but then again, every other already offers that. Except CIS… 88)
AVIRA is a nice example and I keep the PCK category disabled at all times. But I can always enable it if I’d want ultra aggressive detection.

If anything it should be enabled by default with an option to turn it off.