[clamav-users] Virus-Datebase-Updates?

Al Varnell alvarnell at mac.com
Mon Jan 18 01:11:42 EST 2016

We’ll have to wait for the ClamAV signature team to come to work in the AM to get an official answer, but I’m curious on how you know that all of these submissions to VirusTotal represent proven threats?  In my experience, many files uploaded to VT are totally harmless with no scanners detecting them as infected.  

One possibility is that these entries were posted simply to let the submitter know that a new signature was not required.

Another possible explanation that I’ve seen in the past is that they were already detected with a current signature, but normally the entry is annotated with that information.


On Sun, Jan 17, 2016 at 08:45 PM, Walter H. wrote:
> I want an explanation, why not adding?
> (as this would bring ClamAV into a total wrong view: "A Antivirus detecting only wanted Threats and not any")
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2366 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20160117/aa177fdc/attachment.bin>

More information about the clamav-users mailing list