[Clamav-users] I-Worm/Generic.RX undetected
Hi Yesterday I received 3 emails in which the local antivirus (AVG for Windows, Free edition) has detected a virus named I-Worm/Generic.RX. The email server is a sendmail with clamav-milter. Having a look into the log file I discovered that clamav-milter declared the emails as clean. Freshclam is executed daily, so the virus database is updated. As this virus name is not listed in Clamav virus database, I'm wondering if there is known under a different name, and, if so, why it was not detected. Any idea would be much appreciated. Thank you. Daniel ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] I-Worm/Generic.RX undetected
, why it was not detected. Because you haven't submitted a sample. . Thank you. Daniel -Nigel ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] I-Worm/Generic.RX undetected
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Hertanu wrote: Hi Yesterday I received 3 emails in which the local antivirus (AVG for Windows, Free edition) has detected a virus named I-Worm/Generic.RX. The email server is a sendmail with clamav-milter. Having a look into the log file I discovered that clamav-milter declared the emails as clean. Freshclam is executed daily, so the virus database is updated. As this virus name is not listed in Clamav virus database, I'm wondering if there is known under a different name, and, if so, why it was not detected. Any idea would be much appreciated. Thank you. Daniel Daniel, Submit it to clamav. It may be a variant of an existing worm/virus. - -James -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFEU0PkNLDmnu1kSkRAmciAJ9r+WbzGq7SipHhDNH5yFQh1p7GYQCdGHT4 vMQryaCqVSKu8DvhrjQ= =YUmh -END PGP SIGNATURE- -- Scanned by ClamAV - http://www.clamav.net ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] I-Worm/Generic.RX undetected
Daniel Hertanu wrote: Yesterday I received 3 emails in which the local antivirus (AVG for Windows, Free edition) has detected a virus named I-Worm/Generic.RX. The email server is a sendmail with clamav-milter. Having a look into the log file I discovered that clamav-milter declared the emails as clean. Freshclam is executed daily, so the virus database is updated. As this virus name is not listed in Clamav virus database, I'm wondering if there is known under a different name, and, if so, why it was not detected. Any idea would be much appreciated. Thank you. Daniel The standard rule is to submit any sample raw email to each of http://virusscan.jotti.org/ http://www.virustotal.com/ http://www.clamav.net/sendvirus.html That way you're doing a service to the whole internet community (as well as finding out which scanners pick it up already). Cheers, Phil -- Phil Randal Network Engineer Herefordshire Council Hereford, UK ___ http://lurker.clamav.net/list/clamav-users.html
