On Mon, Dec 23, 2013 at 07:26 AM, 黄海涛 wrote: > 5.why I can't find some signatures from daily.cld or main.cld which is in > rankings (clamsigs-top10.rss), > for example: > Heuristics.Safebrowsing.Suspected-phishing_safebrowsing.clamav.net, > Heuristics.Safebrowsing.Suspected-malware_safebrowsing.clamav.ne, > Heuristics.Phishing.Email.SpoofedDomain, > BC.Heuristic.Trojan.SusPacked.BF-6.A.
By definition, heuristic detections are not signature based. They are determined by analyzing certain formats for something suspicious using a special heuristics engine. You should not find any "safebrowsing" signatures in main.c*d or daily.c*d as they aren't' supplied by ClamAV® You should not find any "BC" signatures in main.c*d or daily.c*d as they are in bytecode.c*d -Al- -- Al Varnell Mountain View, CA _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
