All, I submitted a virus sample on Aug 6th in the morning to both the ClamAV team and McAfee. The scary part was that Microsoft Defender detected it as a virus / malware. It took McAfee between 24 and 36 hours to respond that it was in their DAT file (released hours before the notice was sent to me). Today, the ClamAV team finally updated the defs (7 days later, update (daily: 9692)) to support detecting this virus :( and incompletely at that! As you see below, the original email file (106226. base64 encoded) and the zip file extracted are detected. The executable is still not detected as a virus!
Why did it take so long??

106226.: Suspect.Bredozip-zippwd-1 FOUND
UPSNR_32be958a.zip: Suspect.Bredozip-zippwd-1 FOUND
UPSNR_32be958a.exe: OK

----------- SCAN SUMMARY -----------
Known viruses: 608668
Engine version: 0.95.2
Scanned directories: 5
Scanned files: 6
Infected files: 2
Data scanned: 0.04 MB
Data read: 5.88 MB (ratio 0.01:1)
Time: 11.062 sec (0 m 11 s)

--
Ken Jones