(Msg. 2) Posted: Sat Aug 16, 2008 7:20 pm
Post subject: Re: AVG v8 heuristic mode [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
From: "Caesar Romano" <Spam.TakeThisOut@uce.gov>
| Does using the "heuristic" scan mode in AVG 8 do any good? Is that
| useful or just a gimmick?
Heuristics is something that all anti virus applications/scanners perform to one degree or
another.
Some you just enable/disable. Others you can enable with at various levels.
Basically all AV scanners use signature based detection. Heuristics takes it a step
further based upon known characteristic in the case of there not be a signature for a new
infector. Here the application/scanner takes the, "if it walks like a duck and squawks
like a duck then it must be a duck" approach. This greatly enhances detection. However
the negative side is an increase in False Positive declarations. This is where a
quarantine action comes into play. If a heuristic detection causes a file to be falsely
identified, the file will go into quarantine. Later when the file's declaration was
deemed to be a False Positive, the file can be restored.
In short, heuristics is NOT a gimmick and is quite useful.
(Msg. 3) Posted: Sun Aug 17, 2008 5:22 am
Post subject: Re: AVG v8 heuristic mode [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
On Sat, 16 Aug 2008 19:20:50 -0400, "David H. Lipman"
<DLipman~nospam~@Verizon.Net> wrote Re Re: AVG v8 heuristic mode:
>From: "Caesar Romano" <Spam DeleteThis @uce.gov>
>
>| Does using the "heuristic" scan mode in AVG 8 do any good? Is that
>| useful or just a gimmick?
>
>
>Heuristics is something that all anti virus applications/scanners perform to one degree or
>another.
>Some you just enable/disable. Others you can enable with at various levels.
>
>Basically all AV scanners use signature based detection. Heuristics takes it a step
>further based upon known characteristic in the case of there not be a signature for a new
>infector. Here the application/scanner takes the, "if it walks like a duck and squawks
>like a duck then it must be a duck" approach. This greatly enhances detection. However
>the negative side is an increase in False Positive declarations. This is where a
>quarantine action comes into play. If a heuristic detection causes a file to be falsely
>identified, the file will go into quarantine. Later when the file's declaration was
>deemed to be a False Positive, the file can be restored.
>
>In short, heuristics is NOT a gimmick and is quite useful.
All times are: Eastern Time (US & Canada) (change)
Page 1 of 1
You can post new topics in this forum You can reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
Home
Forums
Home
FAQ
Profile
Private Messages
Log in
Security