[Clamav-devel] Question about Heuristic Scanning and Signature Based Scanning

crazy thinker crazythinker91 at gmail.com
Tue May 9 01:49:09 EDT 2017

Hi ClamAV Developers,Users

As per My Understnading , Virus Signatures are Classified into two types

1.Static Virus Signatures(short/fixed  length virus signatures)
2.Dynamic Virus Signatures(long length Signatures with Regular Expression)

So  I guess, ClamAV performing both Signature Based Scanning and Heuristic
Based Scanning for Malware Detection Process

Please find below questions that in my mind

1.Does Signature Based Scanner uses  only  Static Signatures (not Dynamic
Signatures)  ?
2.Does  Heuristic Scanner uses only Dynamic Signatures for Malware
3. If Herusitc Scanner uses Behaviour Based Approach, why  Heuristic
Scanner needs Virus Database?
4.To implement   Efficient AV Scanner, Can I go with Heuristic Scanning
Approach and Excluding Signature Based Scanning Approach?

I would like to get help/suggestions from you guys...

Kindly waiting for your reply!!!!

Crazy Thinker, Inc

More information about the clamav-devel mailing list