Actually,I want to test everyone. We have tested Heuristics.Encrypted.RAR, what about others? Thanks.
>> I have three questions about Heuristic Scan in ClamAV . >> 1.What type of file will be scanned as a Heuristic scan? > > All engine detections (as opposed to signature-based) are prefixed with > Heuristics. > >> 2.How can I configure the Heuristic function with enable or disable? > > Depends on category, you can enable/disable these in clamd.conf: > > ArchiveBlockEncrypted: > Heuristics.Encrypted.RAR > Heuristics.Encrypted.Zip > > OLE2BlockMacros: > Heuristics.OLE2.ContainsMacros > > PhishingScanURLs: > Heuristics.Phishing.Email > Heuristics.Phishing.Email.Cloaked.Null > Heuristics.Phishing.Email.Cloaked.NumericIP > Heuristics.Phishing.Email.Cloaked.Username > Heuristics.Phishing.Email.SpoofedDomain > Heuristics.Phishing.Email.SSL-Spoof > Heuristics.Phishing.URL.Blacklisted > > SafeBrowsing (freshclam.conf): > Heuristics.Safebrowsing.Suspected-malware_safebrowsing.clamav.net > Heuristics.Safebrowsing.Suspected-phishing_safebrowsing.clamav.net > > StructuredDataDetection: > Heuristics.Structured.CreditCardNumber > Heuristics.Structured.SSN > > AlgorithmicDetection: > Heuristics.Exploit.W32.MS04-028 > Heuristics.Exploit.W32.MS05-002 > Heuristics.PDF.ObfuscatedNameObject > Heuristics.Trojan.Swizzor.Gen > Heuristics.W32.Kriz > Heuristics.W32.Magistr.A > Heuristics.W32.Magistr.A.dam > Heuristics.W32.Magistr.B > Heuristics.W32.Magistr.B.dam > Heuristics.W32.Parite.B > Heuristics.W32.Polipos.A > Heuristics.Worm.Mydoom.M.log > >> 3.How can I get some files that can test the Heuristic function? > > Depends on category again. For Heuristics.Encrypted.RAR you can create > an encrypted file yourself. Which one do you want to test? > > Best regards, > --Edwin > _______________________________________________ > http://lurker.clamav.net/list/clamav-devel.html > Please submit your patches to our Bugzilla: http://bugs.clamav.net > _______________________________________________ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net
