Avast! heuristics

Can anyone clarify the heuristics capabilities for Avast! ?

It seems that heuristics settings are only in the email scanner not in the resident protection/standard shield module.. is this correct? does Avast! use resident heuristics in the standard shield? if not what effect does this have?

Regards

 

No Heuristic Engine in Avast, but I think some kind of Validation, because in Tests it stops some Malware that was new and not in the Database.
If this is good or bad I can't tell you, but the Test results are OK.

 

avast! uses so called 'generic signatures', just like McAfee for example.

 

heuristics are average. not fantastic.

 

It's just a terminology thing.

Technically, avast does indeed use heuristics in the sense that it contains signatures and/or routines designed to detect broad families/variants of malware.

But if the equation "heuristics = code emulation" holds in your books, then no, the current version of avast doesn't contain a heuristic engine.

This is going to change with avast v5.


Cheers
Vlk

 

which will come out on? betas? alphas? how do you know all this?

 

he is an av-expert,

an AVAST, av-expert.

 

Heuristics in the AV world just mean that the detection is based on rules rather than on exact identification. Whether that is done by evaluating data gathered during emulation or other techniques doesn't really matter for the use of the term.

Saying an AV has no heuristics because it does not employ emulation for gathering data is plain wrong. Generic Signatures != Heuristics, Generic Detections can be based on Heuristical Rules or Generic Signatures.

 

Well that answers 1 third of my question.

 

https://www.wilderssecurity.com/showpost.php?p=1146285&postcount=33

 

it has been a month since that was posted...

 

And we're still in January. He's hopeful of a release in 2008 - didn't say when though.

 

You could always check out the Avast forums for more info. And VLK top dog as we used to say.

 

and?

the reply still applys, sometime in 2008.

it wasnt close just a month ago, so doubt its just around the corner.

 

There will be something around February, start of March. No, it won't be v5.0, but it'll be a nice surprise indeed Can't tell more yet...

 

Thanks for your replies, much clearer..

 

mmm, it wouldn't be a firewall by any chance would it?

 

and? its been a month since that was posted, something could have happenned!

 

Are you playing with this already?
It will be interesting to see what the folks at Alwil have been cooking in the labs.

 

Word was they were working on a Avast FW but no news yet. Should be the Avast 4.8 ready soon with Rootkit detection. Version 5 should really be a doozy.

 

http://forum.avast.com/index.php?action=profile;u=4

 

thanks, but i will try and register...

 

I'm switching back to avast the moment they put heuristic under the hood of avast!
Many regards to all!