[clamav-users] Bad detection rate
Walter Bürger
walter.buerger at arscons.de
Mon Jun 23 15:47:05 UTC 2014
Hi dear ClamAV team,
ClamAV is a good software and it runs very stable
on my servers for years!
Many thanks for ClamAV and for your efforts making it
such a stable software!
Nevertheless, the detection rate of viruses, trojans, etc.
is not very good.
Almost every time I submit a sample file on virustotal.com
ClamAV can not detect the virus or malware.
This morning I submitted the file
Rechnung_23_14_06_198630274520031_telekom_deutschland_GmbH.exe
(MD5 ad690be247dda635781e20887fcac0e7)
on virustotal.com.
4 out of 54 scanners detected a virus
(NOD32 named it Win32/Kryptik.CFAE)
but ClamAV did not detect it.
About 4 hours later I checked again and
12 out of 54 scanners detected a virus in this file
but ClamAV did not detect it.
Of course I submitted this sample file on
http://www.clamav.net/lang/en/sendvirus/submit-malware/
too.
Up to now, I never got a notification, although "Notify me" was checked.
A few minutes ago on one of my mailservers:
clamdscan Rechnung_23_14_06_198630274520031_telekom_deutschland_GmbH.exe
Rechnung_23_14_06_198630274520031_telekom_deutschland_GmbH.exe: OK
Why shall we not post more than two sample files per day ?
I think you would get many more sample files and hence a better
detection rate.
While submitting my sample file to
http://www.clamav.net/lang/en/sendvirus/submit-malware/
"Share this sample with other AV vendors" was checked.
Do other AV vendors share their samples with ClamAV ?
What can we do to improve the detection rate of ClamAV ?
Best regards,
Walter.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20140623/7f732042/attachment.sig>
More information about the clamav-users
mailing list