[Clamav-devel] Question about ClamAV

crazy thinker crazythinker91 at gmail.com
Thu May 11 05:11:53 EDT 2017


Hi ClamAV Developers, Users

SaneSecurtiy and SecruiteInfo provides better virus signature database
feeds. with help of this,  we can Increase the ClamAV Engine Detection Rate
up to 80%-90%. I had  already  integrated ClamAV Enine with unofficial
database (excluded official database) in experimental way. ClamAV
Performance better than earlier now. I want to rewrite the Engine first
from scratch and  i am looking for some guys who willing join to work with
me

when i debugged ClamAV CodeBase, i am interestingly  found that ClamAV
Creating  14 Engine Instances Internally. out of 14, one only Heuristic
Engine

ClamAV providing both Signature Baed Scanner and Heuristic Based Scanner.
As per my understanding, Signature Based Scanner will never involve in
false postive/false negative results. But Heuristic scanner some times
gives false postive/false negative results.

My Question is All AV Vendors  are Including  both Signature Based Scanner
and Heuristic Based Scanner in their Software? for an example, Most
Poplular AV Vendors like AVAST, KASPER SKY,AVG,NORTON,SYMANTEC do the same
thing?

I had researched on virus scanning tecniques with the help of google
engine..i come to know that heuristic scanning techniques provides
better results than traditional signature based scanning.. then why ClamAV
not created Scanner with Heuristic Scanning Technique Alone?
or  my thought   is wrong  ah ?


Thanks,
Crazy Thinker , Inc


More information about the clamav-devel mailing list