1 of 1 people found this helpful
we don't have a signature for fake-AV software. Keep in mind that the maximum file size for File Reputation is 1 MB.
Do you know if there are any plans to include signatures for this type of threat?
I really doubt it. The IPS is not an AV scanner. If you would like to detect this thread on the wire then you may want to test McAfee Web Gateway, as it uses the same DAT files as the McAfee VSE.
thanks for your reply!
I've to have a chat with my colleges administrating our McAfee WebGateway. Maybe they can do something against those annoying fake avs.