[clamav-users] [clamav-virusdb] Signatures Published daily - 21467

Tom Judge (tomjudge) tomjudge at cisco.com
Mon Mar 21 16:03:45 UTC 2016 

Hi Al,

Thanks for reporting this! We are looking into an issue where a replaced sig in the management interface fails to generate the correct ign/ign2 entries for the old sig when it is main.  Hopefully we will have this resolved today.

Thanks

Tom
> On Mar 19, 2016, at 4:05 AM, Al Varnell <alvarnell at mac.com> wrote:
> 
> FYI, if I ignore "Win.Trojan.Trojan-476” ([main.hdb] aa15bcf478d165efd2065190eb473bcb:544) all of the test files below are identified as “Clamav.Test.File-6” ([daily.hdb] aa15bcf478d165efd2065190eb473bcb:544).
> 
> -Al-
> 
> On Fri, Mar 18, 2016 at 07:40 PM, Al Varnell wrote:
>> 
>> Not sure exactly what this update was about (suspect a test), and perhaps I don’t have the correct Clamav.Text.File (s) but scanning the 0.99.1 source file I am still getting the following:
>> 
>>> File Name	Infection Name	Status
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam_cache_emax.tgz	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.ea05.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.bin-be.cpio	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam-aspack.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam-mew.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.exe.rtf	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.pdf	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clamjol.iso	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.chm	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.odc.cpio	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.ole.doc	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.impl.zip	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam-nsis.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.zip	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.ppt	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam-v3.rar	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.tar.gz	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.exe.mbox.uu	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.ea06.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam_IScab_int.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.sis	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam-fsg.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam-pespin.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam-petite.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam-upack.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam-upx.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam-v2.rar	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam-wwpack.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam-yc.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.7z	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.arj	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.bin-le.cpio	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.bz2.zip	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.cab	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.d64.zip	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.exe.binhex	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.exe.bz2	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.exe.html	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.exe.mbox.base64	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.exe.szdd	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.iso	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.mail	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.newc.cpio	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam.tnef	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam_IScab_ext.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam_ISmsi_ext.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/clam_ISmsi_int.exe	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/.split/split.clam.isoaa	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/.split/split.clam_IScab_ext.exeaa	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/.split/split.clam_IScab_int.exeaa	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/test/.split/split.clamjol.isoaa	Win.Trojan.Trojan-476	
>>> /Users/avarnell/Downloads/2016-03-02/clamav-0.99.1/unit_tests/clam-phish-exe	Win.Trojan.Trojan-476	
>> 
>> Can this be fixed or do I need to submit all fifty-five test files as FP’s?
>> 
>> -Al-
>> 
>>> Begin forwarded message:
>>> 
>>> From: noreply at sourcefire.com
>>> Subject: [clamav-virusdb] Signatures Published daily - 21467
>>> Date: March 18, 2016 at 5:23:36 PM PDT
>>> To: clamav-virusdb at lists.clamav.net
>>> 
>>> 
>>> ClamAV Signature Publishing Notice
>>> 
>>> Datefile:       daily
>>> Version:        21467
>>> Publisher:       
>>> New Sigs:       3
>>> Dropped Sigs:   0
>>> Ignored Sigs:   0
>>> 
>>> 
>>> New Detection Signatures:
>>> 
>>> 
>>>  * Clamav.Test.File-6
>>> 
>>>  * Clamav.Test.File-7
>>> 
>>>  * Win.Trojan.Agent-1393459
>>> 
>>> 
>>> Dropped Detection Signatures:
>>> 
>>> 
>>> 
>>> Ignored Detection Signatures:
> 
> -Al-
> -- 
> Al Varnell
> Mountain View, CA
> 
> 
> 
> 
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

More information about the clamav-users mailing list