[clamav-users] Low detection rate

Shawn Webb swebb at sourcefire.com
Mon Mar 3 08:49:36 EST 2014

On Mon, Mar 3, 2014 at 7:28 AM, Steve Hill <steve at opendium.com> wrote:

> I'm using clamd together with exim under Scientific Linux 6.3 and I'm
> having problems with Clam not detecting many viruses - in fact, looking
> back through the logs it basically only seems to be finding a few phishing
> emails.
> Other virus scanners are picking up a number of viruses which are being
> allowed through by clam - for example, http://persephone.nexusuk.org/
> ~steve/eticket_ba_70391830.doc is identified as CVE_2010_3333 by a number
> of other scanners, but clam says it's clean (I've now submitted this to the
> sendvirus page on the website).
> I'm using ClamAV 0.98.1 from the EPEL repository and as far as I can tell
> my virus signatures are up to date:
> # freshclam
> ClamAV update process started at Mon Mar  3 12:25:40 2014
> main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder:
> neo)
> daily.cld is up to date (version: 18526, sigs: 719612, f-level: 63,
> builder: neo)
> bytecode.cld is up to date (version: 236, sigs: 43, f-level: 63, builder:
> dgoddard)
> I'm not sure how to go about debugging the problem - any advice would be
> welcome.

Hey Steve,

You can submit files you suspect are legitimate malware here:



More information about the clamav-users mailing list