Originally posted here by darkcod3r
By this do you imply that this software uses some form of ' intelligent pattern recognition' to classify a progam as malware, rather than just matching signatures?
I'm not sure... I'm sure there are ways of doing this and I wasn't sure whether methods already existed.

afaik, heuristic analysis still need rules... and virus creators would most definately find these out and write around them!!

Is there nothing else?

I know a linux distribution called "CHAOS" (which has very limited uses...) does hash checking on its kernel and other files every n seconds to ensure integrity (it would restarts OS and/or notify user of event if didn't match) I'm not suggesting we can do this exactly in other OS's... but its a more proactive approach than downloading definitions... Or would this just get written around as well?