May 15th, 2004, 04:28 PM
How do Heuritic Scanners Work?
Any idea how heuristic scanners work? I read a lot about how how the infected file is put in a "sandbox" and is checked for any activity...Wat exactly takes place??And secondly...is this really effective in detecting viruses?
May 15th, 2004, 04:39 PM
A heuristic scanner searches elementary assembly language, in the hopes of detecting little known infections. They’re many false positives with this type of scanner because it tries to learn and make assumptions based on the behavior of the virus.
edit: here's some links of interest for you:
May 15th, 2004, 07:32 PM
Your heuristic scanner works on "algorithms" or rules............like if something tries to amend the registry, prepend or append to an executable, and so on............it will give you a warning.
Now, your "sandbox" is a different concept.............here, an incoming executable is put in an area where it's activity is monitored...........if it tries to access areas outside the sandbox.............it is a cheater.
A bit like home and away games...........heuristics are at home...........the sandbox is away?
I hope that explains
May 15th, 2004, 08:40 PM
Thanks for cleaning it up and finishing his questions.
May 16th, 2004, 10:27 AM
good post nihil
October 13th, 2004, 05:12 PM
think i got a solution for that! and not only that if u want to know about working of anything you can just visit the website: