Advanced Heuristic

sinu

Thread author
Which AV uses an advanced heuristic method of detection?
 
sinu

Thread author
What did you mean by "advanced heuristic"? Aggressive heuristics? Qihoo and BD have very aggressive heuristics.
It's like there is an option in Avira AV to set the heuristic level to advanced heuristics or normal heuristics for detecting unknown malware.
 
hjlbx

Thread author
Most AVs use heuristics... one notable exception is Emsisoft.

All the AVs that use heuristics allow the user to set the heuristics algorithm: Low - Medium - High.

High is aggressive - it might detect legitimate files - especially some Windows system files, like Microsoft Malicious Removal Tool or something similar.

High is a huge system resource hog that will very likely double, if not triple or quadruple, the time required for a full-system scan and place high load on CPU.

For example, Comodo using Low heuristics will complete full system scan in about 40 minutes on my specific system. Using High heuristics it takes 2.5 hours. CPU load remains consistently in 75 to 100 % range during entire scan - and causes other apps to misbehave or not work at all (this is expected behavior under such high CPU load for all AV - not just Comodo). (On your system results will very likely be different - but follow the same trend).

You will find the same trend with all other AVs that use heuristics.

Who has "best" heuristics?: Avira, BitDefender, and Kaspersky.
 

jamescv7

In terms of heuristics, simple hexadecimal matching is a basic way to detect related viruses/malware that exhibit suspicious behavior; however, don't depend on it too much, as its ability is limited. No matter how advanced the technology, like DNA Matching or in-depth generic analysis, the percentage of efficiency is still hardly at the rate of medium to medium-high level.

If you are going to compare the tests from various organizations: Avira and Kaspersky, but sometimes Bitdefender.

The advantage of BB or HIPS is that it should take care of the most crucial part when everything is bypassed.
 
