dallas7 Posted February 24, 2011 Report Share Posted February 24, 2011 The hidden geek inside of you will enjoy this from the edge of the ImmuClam Galaxy: How do you know which engine detected the file?* if the virusname starts with "W32." then it is a cloud detection * if it starts with "W32.SPERO.", it is a cloud detection from the SPERO heuristic engine * if it starts with "W32.ETHOS.", it is a cloud detection from the ETHOS heuristic engine * if it starts with "W32.Clam.", it is a file that was detected by ClamAV on the cloud * if it starts with "Clam.", it is a local ClamAV detection * if it starts with "Clam." and ends with ".UNOFFICIAL", then it is your custom signature There's a ton of neat stuff over there: http://blog.clamav.net/ And that includes some rather detailed and interesting info on how Immunet does its thing. @Immunet: •Is there a similar report string for BitDefender? •Is my understanding correct in that the local ClamAV database is in the scan loop ONLY if offline? Thank you! Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.