Hi,
I know that clamav is designed to scan emails well, and it does a very
good job of that. It can also scan files on the HD. In order to improve
the scanning of files on the HD, has anyone considered building a
signature database of know virus free executables. clamav could then do
a checksum on each file, if the checksum matches a known good signature
for that filename, it can skip scanning it for viruses. One could also
then do reports of all the "unrecognised executables" and let the user
either manually accept an unknown executable, or submit it to be entered
into the know virus free executables. One would also need to
specifically exclude certain directories, for example a developer who is
compiling new executables often, but in general, I think this might
protect a windows user a bit better from "unknown" viruses.
James
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
