The sample you linked on gdrive is now detected by gdrive and can't be downloaded (gdrive blocks it).

If you believe that it is actually a scanning issue in ClamAV, please do submit the ticket for us to investigate.

If you need to share live samples, be certain to warn people that it is malicious, and then package it in an encrypted archive with a password so it isn't blocked.

Regards,

-Micah

On Jan 31, 2019, at 6:39 AM, Vijayakumar U <vj1610@gmail.com> wrote:

Do I need to raise this issue or is it taken care of already?

On Thu, 10 Jan 2019 at 21:12, Benny Pedersen <me@junc.eu> wrote:

Vijayakumar U skrev den 2019-01-10 15:42:

> When a malicious file is inside zip file and if zip file contains some
> other corrupted zip file, the malicious file is not filtered as virus.

+1

please start using foxhole 3dr party signatures to stop this malwares
with double packed archives

> Sample link - ZXW2.6-Blackfish2.0.zip -
> https://drive.google.com/drive/folders/129LvUWJNnp_P-qzXIxA5nqlyS0lnraQB

ZXW2.6.exe is undetected on gdrive, so it can be downloaded, on
virustotal.com its detected on 18 out of 68 scanners :)

i have sent this file to http://www.clamav.net/reports/malware as a
false negative

thanks for reporting and using clamav
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

--

Cheers,
Vijay.

_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml