We’ll have to wait for the ClamAV signature team to come to work in the AM to get an official answer, but I’m curious on how you know that all of these submissions to VirusTotal represent proven threats? In my experience, many files uploaded to VT are totally harmless with no scanners detecting them as infected.
One possibility is that these entries were posted simply to let the submitter know that a new signature was not required. Another possible explanation that I’ve seen in the past is that they were already detected with a current signature, but normally the entry is annotated with that information. -Al- On Sun, Jan 17, 2016 at 08:45 PM, Walter H. wrote: > > I want an explanation, why not adding? > (as this would bring ClamAV into a total wrong view: "A Antivirus detecting > only wanted Threats and not any")
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml