At 12:20 AM +0300 9/24/09, Jari Fredriksson wrote:
>>
This is what I found about Phishing and Heuristics.
Dangerous? When I review the quaratine anyway.
No more than sanesecurity rules and alot more than my
winnow_malware.hdb which would have caught your virus.
Point being you might just want to consider what you have
running...
Tom
Come'on Tom. Winnow might very well cought that, but I got it caught
with F-Prot and BitDefender too.
The trojan itself is not my problem. My problem was that ClamAV did
not get it, and did not allow me to report it in their website.
I give rat's ass to WinNow. If I would have been interested in
SaneSecurity or WinNow I would have installed those again, and
tested with them.
The ClamAV website reporting is not about WinNow, it is about ClamAV
vanilla. Am I wrong?
Nope. Just there have been numerous posts here from sourcefire and
clamav folks explaining that they have a backlog in creating rules so
you should not be surprised that stock signatures might miss malware
which is why some of the addon signature files came into existence.
I am a tad confused about your reporting comment as the clamav web
reporting mechanism works fine at least for me and you can also
report via virustotal as well.
Anyway glad your happy with your config.
Tom
btw its winnow as in to remove the wheat from the chaff and has
nothing to to with Microsoft or Windows per se.
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
