On Wed, May 13, 2015 5:49 am, Dmitry Melekhov wrote: > Hello! > > > We are using clamav for years fo e-mail virus filtering, and it worked > OK for us, > but last several weeks we found that clamav doesn't recognize many viruses > like js, or xls macros. I submitted one of viruses several weeks ago, but > it is still not recognized by clamav, although recognized by other > engines.
This should help a little... http://sanesecurity.com/usage/linux-scripts/ Example: http://sanesecurity.blogspot.com/2015/05/copy-of-your-123-reg-invoice-123.html I submmited the sample to VirusTotal 2 mins after receiving the malware... here's the first detection view: https://www.virustotal.com/en/file/4baef401edc96a5e777724dbfded6ad5536f5badc88ec8f9c42c8dc35d201ba8/analysis/1431420411/ 22 hours later: https://www.virustotal.com/en/file/4baef401edc96a5e777724dbfded6ad5536f5badc88ec8f9c42c8dc35d201ba8/analysis/ 22 Hours laster and still missed by AVG, Kaspersky, McAfee and Comodo, so even the big players don't always get it right (although they may pickup the virus when run at desktop level) Cheers, Steve Web : sanesecurity.com Blog: sanesecurity.blogspot.com _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
