Re: [clamav-users] Bad detection rate

2014-06-23 Thread Walter Bürger
Steve Basford wrote: On Mon, June 23, 2014 4:47 pm, Walter Bürger wrote: About 4 hours later I checked again and 12 out of 54 scanners detected a virus in this file but ClamAV did not detect it. I know 4 hours sounds a long time but when you consider the current amount of malware that is submi

Re: [clamav-users] Bad detection rate

2014-06-23 Thread Steve Basford
On Mon, June 23, 2014 4:47 pm, Walter Bürger wrote:
> About 4 hours later I checked again and
> 12 out of 54 scanners detected a virus in this file
> but ClamAV did not detect it.

I know 4 hours sounds a long time but when you consider the current amount of malware that is submitted / auto-subm

Re: [clamav-users] Bad detection rate

2014-06-23 Thread Benny Pedersen
On 23. jun. 2014 19.36.58 CEST, Steve Basford wrote:
> Sanesecurity.Malware.23787.ZipHeur
> Added: 23 Jun 2014 09:32:40 UT

I have a dream on virustotal start using 3rd party clamav signatures

Re: [clamav-users] Bad detection rate

2014-06-23 Thread Walter Bürger
Steve Basford wrote: On Mon, June 23, 2014 4:47 pm, Walter Bürger wrote: This morning I submitted the file Rechnung_23_14_06_198630274520031_telekom_deutschland_GmbH.exe (MD5 ad690be247dda635781e20887fcac0e7) on virustotal.com. 4 out of 54 scanners detected a virus (NOD32 named it Win32/Kryptik

Re: [clamav-users] Bad detection rate

2014-06-23 Thread Joel Esler (jesler)
Always, as a reminder, we have the ClamAV Community sigs list, which anyone in the world can submit signatures to us, which we’ll put through the system and they’ll go out in the official list. http://blog.clamav.net/2014/02/introducing-clamav-community-signatures.html -- Joel Esler Open Source

Re: [clamav-users] Bad detection rate

2014-06-23 Thread Dennis Peterson
Quick dump of found signature results: ClamAV vs Basford et al

Unofficial sigs, total:
grep UNOFFICIAL clam* |wc -l
174

Unofficial Sane Security sigs found
grep Sanesecur.*FOUND clam* |wc -l
141

Official ClamAV sigs found:
grep FOUND clam* |grep -c -v UNOFFICIAL
10

Non-Sanesecurity unofficial

Re: [clamav-users] Bad detection rate

2014-06-23 Thread Steve Basford
On Mon, June 23, 2014 4:47 pm, Walter Bürger wrote:
> This morning I submitted the file
> Rechnung_23_14_06_198630274520031_telekom_deutschland_GmbH.exe
> (MD5 ad690be247dda635781e20887fcac0e7)
> on virustotal.com.
>
> 4 out of 54 scanners detected a virus
> (NOD32 named it Win32/Kryptik.CFAE)
>

Re: [clamav-users] Bad detection rate

2014-06-23 Thread Dennis Peterson
The OP brought up several points, none of which were addressed. 1. Nevertheless, the detection rate of viruses, trojans, etc. is not very good. Almost every time I submit a sample file on virustotal.com ClamAV can not detect the virus or malware. 2. Up to now, I never got a notification, alth

Re: [clamav-users] Bad detection rate

2014-06-23 Thread Alain Zidouemba
Walter, We received your sample for the first time today and will be analyzing it for coverage in the ClamAV signature set. Thanks for your submission. If you are planning to submit a large number of samples on a regular basis, please contact me off-list. - Alain On Mon, Jun 23, 2014 at 11:47

[clamav-users] Bad detection rate

2014-06-23 Thread Walter Bürger
Hi dear ClamAV team, ClamAV is a good software and it runs very stable on my servers for years! Many thanks for ClamAV and for your efforts making it such a stable software! Nevertheless, the detection rate of viruses, trojans, etc. is not very good. Almost every time I submit a sample file o

Re: [clamav-users] FN with unknown virus attachment

2014-06-23 Thread Steve Basford
> Okay, great, thanks. Can you describe the risk for me? What does it do,
> and what's necessary for the user to do to become infected? It appears to
> be a rogue link phishing attack? So it requires the user to open the Word
> doc then click the link, correct?

Hi Alex, 1. I used strings on the