[clamav-users] virus detection status
Steve Basford
steveb_clamav at sanesecurity.com
Wed May 13 07:01:19 UTC 2015
On Wed, May 13, 2015 5:49 am, Dmitry Melekhov wrote:
> Hello!
>
>
> We are using clamav for years fo e-mail virus filtering, and it worked
> OK for us,
> but last several weeks we found that clamav doesn't recognize many viruses
> like js, or xls macros. I submitted one of viruses several weeks ago, but
> it is still not recognized by clamav, although recognized by other
> engines.
This should help a little...
http://sanesecurity.com/usage/linux-scripts/
Example:
http://sanesecurity.blogspot.com/2015/05/copy-of-your-123-reg-invoice-123.html
I submmited the sample to VirusTotal 2 mins after receiving the malware...
here's the first detection view:
https://www.virustotal.com/en/file/4baef401edc96a5e777724dbfded6ad5536f5badc88ec8f9c42c8dc35d201ba8/analysis/1431420411/
22 hours later:
https://www.virustotal.com/en/file/4baef401edc96a5e777724dbfded6ad5536f5badc88ec8f9c42c8dc35d201ba8/analysis/
22 Hours laster and still missed by AVG, Kaspersky, McAfee and Comodo, so
even the big players don't always get it right (although they may pickup
the virus when run at desktop level)
Cheers,
Steve
Web : sanesecurity.com
Blog: sanesecurity.blogspot.com
More information about the clamav-users
mailing list