Heuristics


JerryM
March 12th, 2006, 10:08 PM
I hardly understand what heuristics is about, but I think it uses general patterns instead of specific signatures in identifying malware.

Is there evidence that this is very useful in the real world? NOD is the "king" in this area, and far ahead of anything else if I understand it correctly.
I am somewhat surprised that KAV has been so far behind, considering it is the best at on-demand detection from the results of AV Comparatives.

So I wonder at the probability that a virus would be identified as a result of heuristics.

Jerry

flyrfan111
March 12th, 2006, 10:48 PM
That is the reason for the retrospective test at av-comparatives. There is also a list that I can't find at the moment that lists all the malware NOD has caught heuristically. Can't find it at the moment though.

Marcos
March 13th, 2006, 01:12 AM
I don't think there is a list of malware detected by advanced heuristics. I receive more than one thousand pieces of malware from online scanners detected by ThreatSense on a daily basis.

Firecat
March 13th, 2006, 02:28 AM
{QUOTE-> http://www.nod32-av.com/heuristics/threatsense.htm <-QUOTE}

Oh Really? ;D

See the link below. It is a very small database, and NOD32 heuristics detects a lot more than what has been listed in the link below. :)

http://www.nod32-av.com/heuristics/threatsense.htm

And we should not forget the variant detection either... NOD32's ThreatSense technology is a marvel. :)

JerryM
March 13th, 2006, 09:05 AM
Almost makes you want to buy NOD. ;D

Thanks for the information. NOD's combination of detection and heuristics makes it hard to equal.

Best,
Jerry

pykko
March 13th, 2006, 01:21 PM
Right! Heuristics are very important today when many new variants and viruses appear ;)