Riddle me this Batman.

Discussion in 'other anti-virus software' started by trjam, Mar 7, 2008.

Thread Status:
Not open for further replies.
  1. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Ok, a product like Nortons Antibot will only detect when a nastie goes active. Would this also not be the same type of scenario for a AV product that is never set to do a scheduled scan.

    A AV in this case will only scan a file as it is opened or used, just as a product like Antibot, or something similar would do.

    How is this not the same thing.o_Oo_Oo_O
     
  2. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    It's the same thing, only that the two products use different methods to detect malware. And of course, with greatly different effectiveness especially against zero-day malware.
     
  3. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    AntiBot is a pure behaviour analyser, that's the difference. You can compare it with F-Secure's Deepguard.
     
  4. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I should have said how is a AV any different from a HIPS if you do away with scheduled scanning.
     
  5. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    And it looks like you got your answer.
     
  6. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    AVs can also detect on write (when the file is saved). Otherwise as solcroft has said, the difference are the methods used.

    Antiviruses have blacklists, behavior blockers analyze a file's actions, classical HIPS prompt, etc.
     
Loading...
Thread Status:
Not open for further replies.