There's a new Javascript malware floating around in a RAR archive that somehow kills scanrar I believe. The virus gets properly detected when decompressed as: Sanesecurity.Malware.25834.JsHeur.UNOFFICIAL FOUND When the .js file is recompressed on my desktop to a .rar it also gets properly detected in the .rar file. However the original .rar file that arrived in the e-mail doesn't get flagged at all. I am running version 0.99.2 on CentOS 6.7. Running clamscan in debug mode shows some kind of corruption when reading the e-mail .rar file, although unrar unpacks it without problems: LibClamAV debug: hashtab: Freeing hashset, elements: 0, capacity: 0 LibClamAV debug: Descriptor[3]: Can't unpack some data Anyone else saw this ? Is it a bug within libclamunrar ? _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
