Hello Tom,
Tom Shaw wrote:
Jose,
If you use the unofficial signatures it might help you. See
http://www.sanesecurity.co.uk/databases.htm
One of my signatures, winnow_malware.hdb, detect numerous (over 3000 at
present) malware that are not yet detected in stock ClamAV sigs. The
current list is documented at
http://www.oitc.com/winnow/clamsigs/MalwareSignatures.html
Undetected virus samples or urls to the virus paylaod can be sent to
virus_samples at oitc.com. They will be processed and added if necessary
to winnow_malware.hdb and will be forwarded to the official ClamAV
signature team.
Thanks for the suggestion. I'll give a try and even submit samples.
What I do here is to quarantine all messages with small zips. Virus
scanning is done offline. After some hours, if the message is clean,
it's freed, if not, it's definitively deleted. In the last days, very
most quarantined messages were infected but not detected by Clamav.
I'll integrate winnow_malware.hdb.
Thanks for the suggestion.
--
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
