[clamav-users] clamav-users Digest, Vol 130, Issue 9
Robert Boyl
robertboyl at gmail.com
Fri Jul 17 14:48:34 UTC 2015
Thanks, will report it.
2015-07-15 13:00 GMT-03:00 <clamav-users-request at lists.clamav.net>:
> Send clamav-users mailing list submissions to
> clamav-users at lists.clamav.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> or, via email, send a message with subject or body 'help' to
> clamav-users-request at lists.clamav.net
>
> You can reach the person managing the list at
> clamav-users-owner at lists.clamav.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of clamav-users digest..."
>
>
> Today's Topics:
>
> 1. Banload not detected (Robert Boyl)
> 2. Re: Banload not detected (Alain Zidouemba)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 14 Jul 2015 13:22:35 -0300
> From: Robert Boyl <robertboyl at gmail.com>
> To: clamav-users at lists.clamav.net
> Subject: [clamav-users] Banload not detected
> Message-ID:
> <
> CAP2Gz+mDwHLQqDkmv9cYm2WxiNToe2WBKAR-Npxo6ZZSzVH+Kg at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> Dear Sir,
>
> Our mail server Qmail has latest ClamAV:
>
> main.cld is up to date (version: 55, sigs: 2424225, f-level: 60, builder:
> neo)
> daily.cld is up to date (version: 20691, sigs: 1477959, f-level: 63,
> builder: neo)
> bytecode.cld is up to date (version: 265, sigs: 47, f-level: 63, builder:
> neo)
>
> But it did NOT detect a virus which is detected by Clam.
>
> This one:
>
> https://www.virustotal.com/pt/file/eb495bcdfb517743ced48d1b165b046739fb621cc693cb09fed8c879684851f3/analysis/1436790221/
>
> I see it was added in June updated
>
> The following submissions have been processed and published:
> - Win.Trojan.Banload-6197
> - Win.Trojan.Banload-6198
>
> See http://lists.clamav.net/pipermail/clamav-virusdb/2015-June/
>
>
>
> Pls advise?
>
> Thanks,
> Robert
>
>
> ------------------------------
>
> Message: 2
> Date: Tue, 14 Jul 2015 12:35:37 -0400
> From: Alain Zidouemba <azidouemba at sourcefire.com>
> To: ClamAV users ML <clamav-users at lists.clamav.net>
> Subject: Re: [clamav-users] Banload not detected
> Message-ID:
> <
> CAGQQWQmk_UfFEhTmOJoQRRWSj-CsU-d6Eeu6KrnQqa6g30_UqQ at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> Not sure I understand the problem you are facing.
>
> If you are asking if ClamAV with official signatures would detect the zip
> file whose SHA256 is
> eb495bcdfb517743ced48d1b165b046739fb621cc693cb09fed8c879684851f3,
> then the answer is yes. The detection name you would see is
> Win.Trojan.Banload-6198.
>
> If however, you have encountered a file that you believe to be related to
> SHA256 eb495bcdfb517743ced48d1b165b046739fb621cc693cb09fed8c879684851f3
> that ClamAV does not detect, then please have it submitted here:
> http://www.clamav.net/report/report-malware.html
>
> Thanks,
>
> - Alain
>
>
>
> On Tue, Jul 14, 2015 at 12:22 PM, Robert Boyl <robertboyl at gmail.com>
> wrote:
>
> > Dear Sir,
> >
> > Our mail server Qmail has latest ClamAV:
> >
> > main.cld is up to date (version: 55, sigs: 2424225, f-level: 60, builder:
> > neo)
> > daily.cld is up to date (version: 20691, sigs: 1477959, f-level: 63,
> > builder: neo)
> > bytecode.cld is up to date (version: 265, sigs: 47, f-level: 63, builder:
> > neo)
> >
> > But it did NOT detect a virus which is detected by Clam.
> >
> > This one:
> >
> >
> https://www.virustotal.com/pt/file/eb495bcdfb517743ced48d1b165b046739fb621cc693cb09fed8c879684851f3/analysis/1436790221/
> >
> > I see it was added in June updated
> >
> > The following submissions have been processed and published:
> > - Win.Trojan.Banload-6197
> > - Win.Trojan.Banload-6198
> >
> > See http://lists.clamav.net/pipermail/clamav-virusdb/2015-June/
> >
> >
> >
> > Pls advise?
> >
> > Thanks,
> > Robert
> > _______________________________________________
> > Help us build a comprehensive ClamAV guide:
> > https://github.com/vrtadmin/clamav-faq
> >
> > http://www.clamav.net/contact.html#ml
> >
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
> ------------------------------
>
> End of clamav-users Digest, Vol 130, Issue 9
> ********************************************
>
More information about the clamav-users
mailing list