- Nov 15, 2012
- 1,765
Umbra Corp. said:to compare with real life (malware = criminal)
Signature = the police have the ID of a criminal (name & photo)
Heuristic = the clues that say to the police that this guy look like a criminal (but he may not be one, so: false accusation = False Positive)
DeadDrop said:Heuristics = Junk that bad AV software uses because it's signatures are crap and detect nothing.
Umbra Corp. said:to compare with real life (malware = criminal)
Signature = the police have the ID of a criminal (name & photo)
Heuristic = the clues that say to the police that this guy look like a criminal (but he may not be one, so: false accusation = False Positive)
you seriously don't know what you are talking the only downside of heuristics is that you may get some false positive sometime! and like umbra said all av have heuristics because signature can't cover all viruses mainly new!DeadDrop said:Heuristics = Junk that bad AV software uses because it's signatures are crap and detect nothing.
Fiery said:Heuristics are algorithms used by the AV engine to detect malicious files when the AV doesn't have a signature for that particular malware. It will examine characteristics of the file and flag it if it deems it malicious. Since the AV is not detecting the file using signatures, this method creates false positives.
Heuristics are important because AV vendors simply can't keep up making signatures for all the malware out there. Therefore, it resorts to heuristics to catch malware not in the signature database.
Umbra Corp. said:CIS and Avira rely heavily on Heuristics so they have more FPs than others.
MrExplorer said:Ok, Comodo Internet Security is too Good but i thing lack of Features.
Umbra Corp. said:MrExplorer said:Ok, Comodo Internet Security is too Good but i thing lack of Features.
seriously?!
AV + FW + BB + HIPS + Cloud + Kiosk + Full Sandbox + File Rating + Killswitch + Autorun + CCE...? not enough features for you
Umbra Corp. said:Web Protection & Email protection are gadget feature.
When you go in an infected website or got an infected email, the malware is blocked right away when it is in the memory by the AV.