[clamav-users] Low detection rate

Alain Zidouemba azidouemba at sourcefire.com
Mon Mar 3 15:14:43 UTC 2014 

Confirming a false negative on the sample you mentioned. We'll provide
coverage as soon as possible. Please continue to submit your malware
samples to: http://www.clamav.net/lang/en/sendvirus/

Thanks,

- Alain


On Mon, Mar 3, 2014 at 7:28 AM, Steve Hill <steve at opendium.com> wrote:

>
> I'm using clamd together with exim under Scientific Linux 6.3 and I'm
> having problems with Clam not detecting many viruses - in fact, looking
> back through the logs it basically only seems to be finding a few phishing
> emails.
>
> Other virus scanners are picking up a number of viruses which are being
> allowed through by clam - for example, http://persephone.nexusuk.org/
> ~steve/eticket_ba_70391830.doc is identified as CVE_2010_3333 by a number
> of other scanners, but clam says it's clean (I've now submitted this to the
> sendvirus page on the website).
>
> I'm using ClamAV 0.98.1 from the EPEL repository and as far as I can tell
> my virus signatures are up to date:
> # freshclam
> ClamAV update process started at Mon Mar  3 12:25:40 2014
> main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder:
> neo)
> daily.cld is up to date (version: 18526, sigs: 719612, f-level: 63,
> builder: neo)
> bytecode.cld is up to date (version: 236, sigs: 43, f-level: 63, builder:
> dgoddard)
>
> I'm not sure how to go about debugging the problem - any advice would be
> welcome.
>
> Thank you.
>
> --
>  - Steve Hill
>    Technical Director
>    Opendium Limited     http://www.opendium.com
>
> Direct contacts:
>    Instant messager: xmpp:steve at opendium.com
>    Email:            steve at opendium.com
>    Phone:            sip:steve at opendium.com
>
> Sales / enquiries contacts:
>    Email:            sales at opendium.com
>    Phone:            +44-844-9791439 / sip:sales at opendium.com
>
> Support contacts:
>    Email:            support at opendium.com
>    Phone:            +44-844-4844916 / sip:support at opendium.com
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> http://www.clamav.net/support/ml
>

More information about the clamav-users mailing list