[clamav-users] basic malware missed???

Steve Basford steveb_clamav at sanesecurity.com
Wed Mar 25 04:53:44 EDT 2015


On Tue, March 24, 2015 9:40 pm, Steve Holdoway wrote:
> Hi folks,
>
>
> I'm in the process of cleaning up an infected wordpress website and am
> finding a number of files that contain

> Shouldn't this be in there already? If there is a process to add this
> can someone please point me to the docs?


Hi Steve,

Sorry for the delay.

I've added few sigs to the Sanesecurity phish.ndb database, which should
pickup your sample and another couple of common variants:

Sanesecurity.Malware.24797.PhpBot.MailPoet
Sanesecurity.Malware.24798.PhpBot.MailPoet
Sanesecurity.Malware.24799.PhpBot.B64Eval
Sanesecurity.Malware.24800.PhpBot.rezk2ll

Cheers,

Steve
Web : sanesecurity.com
Blog: sanesecurity.blogspot.com




More information about the clamav-users mailing list