Lastst Database Updates Webpage "Removed" means
The following URL is the latest database information
I don't know why too many "Removed Detection" EVERYDAY?
Is it means the "False Alarm" for F-Secure Product?
https://www.f-secure.com/dbtracker/Aquarius/2014-12-22_01.html
Comments
-
Hello,
The answer is probably about consolidation most of the time. Traditional fingerprint-based virus detection tech, like the Aquarius engine, is still necessary, but a big burden for every antivirus vendor, because of the RAM footprint required. I heard Aquarius, when loaded in the computer's memory to perform on-access scanning, does not keep the names of viruses in memory, only their fingerprints. When a malware is found, F-Secure will access the hard drive to look up for the human-readable virus name, which will be displayed in the warning and logfiles.
Because of this, it is very beneficial to combine many specific virus detections into a single generic detection, which helps limit RAM needs. On the other hand, the generic detection must be of high quality and tested a lot before release, to avoid false alarms.
Yours Sincerely: Tamas Feher, Hungary.
5 -
Dear etomcat :
Thanks for your reply.
Fingerprint-based virus detection is using "file hash" ?
I think the modern detection should be using "behavior analysis" to improve fingerprint based detection.
if I change 1 bit for the virus file hash will be change.
I really suggest F-Secure change "virus idenity name" from number to "Virus Name"
ex : Gen:Variant.Kazy.522675
because the number is hard to trace and remember.
0 -
Hello,
> I think the modern detection should be using "behavior analysis"
Please remember that F-Secure is a multi-engined protection software:
Deepguard generation 5 (soon gen6) is the system / program behaviour based control and protection, combined with Cloud technology.
Gemini is a 32-bit heuristic virus scanning engine.
Best Regards: Tamas Feher, Hungary.
0
Categories
- All Categories
- 4.7K WithSecure Community
- 3.6K Products
- 1 Get Support