a suggestion for next CAVS : option to add virus sig manually

hi, (:WAV)
maybe this is a silly suggestion.
see the attached screenshots?
that’s an Indonesian local AV (thx aladinonl) called mawar AV.
a college boy created it. no update is available for this AV coz the AV maker lacks the resources to make an update server, so as a replacement he added an option to mark a suspected file as a virus and add the suspected file into the virus sig database.

i think this is a good enhancement for an AV or HIPS, coz i think the function of HIPS is only to block/allow the app (not get rid of it). so if the virus has duplicated itself, then we’ll have many junk virus files, but if the app’s marked & added to the virus sig database, we can do scanning and clean the virus.
so, any opinion?

Ganda

edit: [ask] i’ve cleaned a virus with this function, and i’ve submitted the virus file using the “submit files” option on the “quarantine” tab in CAVS. i just submitted the EXE file, i did not zip it. is it acceptable?


Hello,

You can submit your idea here.
For your problem, maybe you can also use your own built-in Group Policy Editor, where you can set up a software restriction based on a hash value:

  1. start
  2. gpedit.msc
  3. navigate to Software Restriction Policies and create a rule for the file, set it to disallow.

Arki
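
The idea discussed in this thread (mark a suspected file, record its hash, then scan for copies), as an added example that is not part of any post and is not code from CAVS or the AV mentioned above. The JSON signature file and all function names are hypothetical; the constructed variant file shows that exact-hash matching only finds byte-identical copies.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash the file in chunks so large executables are not loaded whole."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def mark_as_virus(sample: Path, db_path: Path, label: str) -> str:
    """Add the sample's hash to a local signature file (hypothetical JSON format)."""
    db = json.loads(db_path.read_text()) if db_path.exists() else {}
    digest = sha256_of(sample)
    db[digest] = label
    db_path.write_text(json.dumps(db, indent=2))
    return digest


def scan(root: Path, db_path: Path) -> list:
    """Return (file, label) for each regular file under root whose hash is listed."""
    db = json.loads(db_path.read_text())
    hits = []
    for p in sorted(root.rglob("*")):
        if p.is_file() and not p.is_symlink():
            digest = sha256_of(p)
            if digest in db:
                hits.append((p, db[digest]))
    return hits


def demo() -> tuple:
    """Constructed sample data: two byte-identical copies and one altered copy."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        db = root / "user_sigs.json"
        (root / "a").mkdir()
        (root / "suspect.exe").write_bytes(b"constructed sample bytes")
        (root / "a" / "copy.exe").write_bytes(b"constructed sample bytes")
        (root / "a" / "variant.exe").write_bytes(b"constructed sample bytes!")
        mark_as_virus(root / "suspect.exe", db, "user-marked")
        hits = scan(root, db)
        # (number of matches, number of matches that are the altered copy)
        return len(hits), sum(1 for p, _ in hits if p.name == "variant.exe")
```
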

sorry for misplacing post. thx Arkangyal