Heuristics detectings contra cleaning infected files!

Discussion in 'other anti-virus software' started by Firefighter, Dec 17, 2005.

Thread Status:
Not open for further replies.
  1. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Just wondering, do you mainly need signatures before you can clean infected files?

    Best regards,
    Firefighter!
     
  2. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    I'd say yes unless we are talking about generic virus detection.


    tD
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    It's not about signatures only, a cleaning algorithm for a particular virus must be supported as well.
     
  4. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    So, to have the best working user friendly protection available, there is a must to have an excellent heuristics, short delays to signature updates after suspicious files, a cleaning algorithm for a particular virus, capability to scan all kind of archives because the need to clean those files inside those archives, what more? Where we can find that beauty?

    Best regards,
    Firefighter!
     
  5. cupez80

    cupez80 Registered Member

    Joined:
    Jun 28, 2005
    Posts:
    605
    Location:
    Surabaya Indonesia
    no AV has all that aspect yet :D beauty is very subjective
     
  6. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Future versions of AV heuristic engines may automatically scan the registry for entries related to the file name of the infected file and delete such malicious entries.

    Also, these future versions may offer an option to try and do a "generic/heuristical cleaning" of the file, after safely quaranting it.
     
Loading...
Thread Status:
Not open for further replies.