[clamav-users] Virus behaviour ?

malko malko7 at protonmail.ch
Sun Mar 25 10:45:58 UTC 2018 

Thank you for your fast reply. :)

I gave a try to the provided link.

The file containing the "win.trojan.huerta-1" is RED only with Clam. All others virus scanners are GREEN.
The file containing the "txt.downloader.generic-<number>"  is RED only with Clam. All others virus scanners are GREEN.

Only the file containing the "win.trojan.agent-<number>" is RED with all virus scanners and is knowns under various name as well.
Unfortunately I didn't see a description of the behaviour on the various tab.

Thanks for your help.
m.


‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐

On 25 March 2018 11:42 AM, Al Varnell <alvarnell at mac.com> wrote:

> ClamAV does not document malware behavior and many of the signatures are automated in response to samples provided by others, so even the signature team won't have that kind of information.
> 
> Your best bet would be to upload each of those files to <https://www.virustotal.com https://www.virustotal.com/> and see if any other scanners that detected them as infected have documentation to share on their behavior.
> 
> -Al-
> 
> Al Varnell
> 
> ClamXAV User
> 
> On Sun, Mar 25, 2018 at 01:57 AM, malko wrote:
> 
> > Hi all,
> > 
> > I just discovered ClamAV and give it a try.
> > 
> > While scanning an usb-stick, some 'virus' were reported and I came here to find the behaviour of these 'virus' in order to judge by myself their dangerousness. They are the "win.trojan.huerta-1", "win.trojan.agent-<number>" & "txt.downloader.generic-<number>".
> > 
> > Maybe it's only because I am not used to the site interface but did not find an easy way to search old post nor did I found a virus database listing & describing the viruses by name.
> > 
> > Could someone please give me some clue.
> > 
> > Thanks
> > 
> > m.
> 
> clamav-users mailing list
> 
> clamav-users at lists.clamav.net
> 
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> Help us build a comprehensive ClamAV guide:
> 
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

More information about the clamav-users mailing list