Jump to content

Heuristics scan

Wittmann
 Share

Recommended Posts

daledoc1

daledoc1

Posted
Posted

Hello and welcome back:

 

From the User Guide:
 

Threat Scan
This method of scanning detects a large majority of threats that your computer may be faced with. Areas and methods tested include:

  • Memory Objects: Memory which has been allocated by operating system processes, drivers, and other applications.
  • Startup Objects: Executable files and/or modifications which will be initiated at computer startup.
  • Registry Objects: Configuration changes which may have been made to the Windows registry.
  • Filesystem Objects: Files stored on your computer's local disk drives which may contain malicious programs or code snippets.
  • Heuristic Analysis: Analysis methods which we employ in the previously-mentioned objects — as well as in other areas — which are instrumental in detection of and protection against threats, as well as the ability to assure that the threats cannot reassemble themselves.

Wikipedia: Heuristic Analysis

 

The actual technology itself is likely proprietary, so the forum staff may not be able to provide further details.

 

Suffice it to say that it's an important part of MBAM's protection.

 

I hope this helps.

 

Thank you,

Link to post
Share on other sites
Wittmann

Wittmann

Posted
  • Author
Posted

Hello and welcome back:

 

From the User Guide:

 

Wikipedia: Heuristic Analysis

 

The actual technology itself is likely proprietary, so the forum staff may not be able to provide further details.

 

Suffice it to say that it's an important part of MBAM's protection.

 

I hope this helps.

 

Thank you,

Thank you.

 

I do  use  other scanners and they do not mention Heuristics as a scan parameter.

 

However, I  regard MBAM as a superbly designed and  user friendly program, that I consider MBAM to be "the jewel in the crown" for  manual scanning. I use Sandboxie, so the occasional sweeper scan is just a checking precaution.

Link to post
Share on other sites
daledoc1

daledoc1

Posted
Posted

You are most welcome.

 

Thanks for your interest and support.

 

Cheers,

 

P.S. You mention using "scanners" -- it sounds as if you are running MBAM Free and are running Manual scans???? If so, please be aware that Manual scans (with MBAM or any other security product) can only remove malware that has already made it onto the system.  In order to help PREVENT infection, one needs a robust, real-time anti-virus and MBAM Premium. ;)

Link to post
Share on other sites
Wittmann

Wittmann

Posted
  • Author
Posted

You are most welcome.

 

Thanks for your interest and support.

 

Cheers,

 

P.S. You mention using "scanners" -- it sounds as if you are running MBAM Free and are running Manual scans???? If so, please be aware that Manual scans (with MBAM or any other security product) can only remove malware that has already made it onto the system.  In order to help PREVENT infection, one needs a robust, real-time anti-virus and MBAM Premium. ;)

Thanks for that kind reply.

 

I rely on Sandboxie to stop entry of threats into my system and it does an incredible job. I have never had a serious infection in years of Sandboxie use, just a few PUP`s and trackers. To supplement I have Avast which also does a fine job. This combination has kept me clean for a very long time.

Link to post
Share on other sites
capair45

capair45

Posted
Posted

If it walks like a duck, looks like a duck, and quacks like a duck then mostly it's a duck.  :)  My understanding (and I am by no means an expert of any sort) is that hueristic analysis identifies code that, although unknown to most databases, presents itself as malware/virus.  In other words, it's acting like a threat even though it can't positively be identified.  Therefore, it's probably a threat.

Link to post
Share on other sites
Wittmann

Wittmann

Posted
  • Author
Posted

If it walks like a duck, looks like a duck, and quacks like a duck then mostly it's a duck.  :)  My understanding (and I am by no means an expert of any sort) is that hueristic analysis identifies code that, although unknown to most databases, presents itself as malware/virus.  In other words, it's acting like a threat even though it can't positively be identified.  Therefore, it's probably a threat.

 

"If it walks like a duck, looks like a duck, and quacks like a duck then mostly it's a duck."

 

That is the most  explicit description I have ever seen - I like it.

 

Can you  explain what "Pre-scan operations" actually does ?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.