I have a question about the timeliness of signature updates. I am running a clamav-milter to check email when received by the MDA -- this rarely finds anything. I also have clamscan running multiple times a day checking all the Maildir folders.
Yesterday, the Maildir folder scan found Js.Downloader.Nemucod. But, this message was recieved on April 26th -- 8 days before the malware was detected by clamscan. Doing a quick google search, I find that the JS.Nemucod trojan has been around since at least December 2015. So, was the clamav signature for this malware just added to the list on May 4th? If so, why does it take so long to include a malware that's been around for years? If it was added earlier, why did clamscan not find it for 8 days? Mutation? --Mark _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
