Dennis Peterson wrote: > Christoph Cordes wrote: > > Dennis Peterson wrote: > > > I already know the question is difficult, but it isn't impossible > > > to answer as there are other AV vendors who have a solution for > > > this particular problem if the article is to be believed. > > > > > > > So you want to know if the ClamAV Team monitors an infected system > > to get hands on the files in case the malware is updated by the > > maintainer - right? > > > > If this is the question, the answer is: No, we donĀ“t. > > > > That's not the question. The question as asked by management is "Why > does ClamAV report it doesn't catch this virus while these others do?" > and my answer is "I don't know - and the ClamAV people don't know, > either". > > While it's the truth, neither of us looks real good now, and I haven't > even mentioned that nobody at ClamAV seems particularly proactive > about looking into it. That will remain our little secret for now.
I'm sure the ClamAV guys will be glad to look into it if you can provide a copy of the virus. However, until someone can provide the virus sample, we really don't know what they were testing and thus nobody can give any definitive answers. All I can tell you is that I have ClamAV running on my mailserver and Symantec on the desktops (both are updated constantly). ClamAV catches stuff all the time. I don't remember the last time something got through and was caught by Symantec. -- Bowie Bailey BUC International _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
