Many people ever heard about Heuristic detection or in other name some security product called it TruPrevent, AHeAD as well as Portable Antivirus called it Alternator Heuristic Technology (AHT). In simple word, Heuristic technology is a method to determine if the program is similar to the previous detection of common viruses.
Here it is a good explanation about Heuristic taken from Wikipedia:
Heuristic (/hjuːˈrɪs.tɪk/) is an adjective for methods that help in problem solving, in turn leading to learning and discovery. These methods in most cases employ experimentation and trial-and-error techniques. A heuristic method is particularly used to rapidly come to a solution that is reasonably close to the best possible answer, or 'optimal solution'. Heuristics are "rules of thumb", educated guesses, intuitive judgments or simply common sense. Heuristics (hyu-ˈris-tiks) as a noun is another name for heuristic methods.
In more precise terms, heuristics stand for strategies using readily accessible, though loosely applicable, information to control problem solving in human beings and machines.[1] Forensic engineering is an important tool in tracing defects in products and processes. The Heuristic Model or commonly referred to as the (gut-level approach) is a simplified method of decision making that put emphasis on internal personality attributes of the decision maker.
There is several way for making Heuristic detection:
- Detecting double extension file
- Detecting based on PE-Section hash
- Detecting based on Resource Section
- Detecting based on Compression method
- Detecting based on String
- Detecting based on API