[clamav-users] detection of really old viruses?
Marcel Giannelia (Felix)
info at skeena.net
Sun Nov 23 04:32:11 UTC 2014
On Sat, 22 Nov 2014 18:53:58 -0800
Al Varnell <alvarnell at mac.com> wrote:
>
> AFAIK, definitions exist forever unless they have been found to cause
> False Positives.
>
> You can normally find the date a definition was added by searching
> the clamav-virusdb archive:
> <http://lurker.clamav.net/list/clamav-virusdb.en.html>
Confirmed;
e.g. searching that list for "CIH" (a.k.a. "Chernobyl", from about 1998
or 99) shows "W95.CIH-II.882" and some variants were added to the defs
in about 2003.
sigtool -l of the current main.cvd shows that these definitions are
still present in current.
Thanks,
~Felix.
More information about the clamav-users
mailing list