While I suppose the questions about the standard naming sequences may help, I would propose one other idea (along with asking for help with my question :-)
First: I see a hit in my logfiles for Exploit.HTML.Bagle.Gen-4-eml; is this the variant I've read about where if a user on Windows *previews* a mail message (no attachment), they can get infected?
Second: is there a database for clamav with descriptions of the viruses? I wondered if some kind of user-supplemented database could be used online, and *there* have the aliases, rather than bulk up the antivirus database with aliases and pseudonyms. If you see a virus hit, you could refer to the online site and check for AKA's of the virus name (as well as information of what the viruses are capable of). Just an idea...
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
