Thanks, will report it. 2015-07-15 13:00 GMT-03:00 <[email protected]>:
> Send clamav-users mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of clamav-users digest..." > > > Today's Topics: > > 1. Banload not detected (Robert Boyl) > 2. Re: Banload not detected (Alain Zidouemba) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 14 Jul 2015 13:22:35 -0300 > From: Robert Boyl <[email protected]> > To: [email protected] > Subject: [clamav-users] Banload not detected > Message-ID: > < > cap2gz+mdwhlqqdkmv9cym2wxintoe2wbkar-npxo6zzszvh...@mail.gmail.com> > Content-Type: text/plain; charset=UTF-8 > > Dear Sir, > > Our mail server Qmail has latest ClamAV: > > main.cld is up to date (version: 55, sigs: 2424225, f-level: 60, builder: > neo) > daily.cld is up to date (version: 20691, sigs: 1477959, f-level: 63, > builder: neo) > bytecode.cld is up to date (version: 265, sigs: 47, f-level: 63, builder: > neo) > > But it did NOT detect a virus which is detected by Clam. > > This one: > > https://www.virustotal.com/pt/file/eb495bcdfb517743ced48d1b165b046739fb621cc693cb09fed8c879684851f3/analysis/1436790221/ > > I see it was added in June updated > > The following submissions have been processed and published: > - Win.Trojan.Banload-6197 > - Win.Trojan.Banload-6198 > > See http://lists.clamav.net/pipermail/clamav-virusdb/2015-June/ > > > > Pls advise? > > Thanks, > Robert > > > ------------------------------ > > Message: 2 > Date: Tue, 14 Jul 2015 12:35:37 -0400 > From: Alain Zidouemba <[email protected]> > To: ClamAV users ML <[email protected]> > Subject: Re: [clamav-users] Banload not detected > Message-ID: > < > cagqqwqmk_uffehtmojoqrrwsj-csu-d6eeu6krnqqa6g30_...@mail.gmail.com> > Content-Type: text/plain; charset=UTF-8 > > Not sure I understand the problem you are facing. > > If you are asking if ClamAV with official signatures would detect the zip > file whose SHA256 is > eb495bcdfb517743ced48d1b165b046739fb621cc693cb09fed8c879684851f3, > then the answer is yes. The detection name you would see is > Win.Trojan.Banload-6198. > > If however, you have encountered a file that you believe to be related to > SHA256 eb495bcdfb517743ced48d1b165b046739fb621cc693cb09fed8c879684851f3 > that ClamAV does not detect, then please have it submitted here: > http://www.clamav.net/report/report-malware.html > > Thanks, > > - Alain > > > > On Tue, Jul 14, 2015 at 12:22 PM, Robert Boyl <[email protected]> > wrote: > > > Dear Sir, > > > > Our mail server Qmail has latest ClamAV: > > > > main.cld is up to date (version: 55, sigs: 2424225, f-level: 60, builder: > > neo) > > daily.cld is up to date (version: 20691, sigs: 1477959, f-level: 63, > > builder: neo) > > bytecode.cld is up to date (version: 265, sigs: 47, f-level: 63, builder: > > neo) > > > > But it did NOT detect a virus which is detected by Clam. > > > > This one: > > > > > https://www.virustotal.com/pt/file/eb495bcdfb517743ced48d1b165b046739fb621cc693cb09fed8c879684851f3/analysis/1436790221/ > > > > I see it was added in June updated > > > > The following submissions have been processed and published: > > - Win.Trojan.Banload-6197 > > - Win.Trojan.Banload-6198 > > > > See http://lists.clamav.net/pipermail/clamav-virusdb/2015-June/ > > > > > > > > Pls advise? > > > > Thanks, > > Robert > > _______________________________________________ > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > > > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > clamav-users mailing list > [email protected] > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > > ------------------------------ > > End of clamav-users Digest, Vol 130, Issue 9 > ******************************************** > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
