[Clamav-users] Worm.Mydoom.R

Thu, 09 Sep 2004 08:20:27 -0700 

Hi

On 2004-08-11, I got the following.

Submission: n/a
Sender: n/a
Virus: Worm.Mydoom.R
Alias: Worm/MyDoom.r (Hbedv), W32/MyDoom-R (Sophos), [EMAIL PROTECTED]
(Bitdefender), Win32.HLLM.MyDoom.27136 (Drweb)
Added: Worm.Mydoom.R
Note: It has been already detected as Worm.Mydoom.Gen-unp by devel version.
The signature added for stable version.

But today, I got a virus that was not detected with most recent clamd:
  ClamAV version 0.75-1
and recent freshclam:
  main.cvd is up to date (version: 26, sigs: 22925, f-level: 2, builder:
tomek)
  daily.cvd is up to date (version: 483, sigs: 1113, f-level: 2, builder:
ccordes)

The virus was detected using McAfee Antivirus Enterprise 7.0:
  Anlagendatei: syu.zip
  Virusname: W32/[EMAIL PROTECTED]
  Sekundäre unternommene Aktion: Verschoben...

Is there anything I can do to make clamav detect these?
- WITHOUT having to take the CVS version.

I see, that there will always be some new virii, that can only be detected
using cvs, but a virus that was added 2004-08-11 and that is not detected
today IS a problem.

(Otherwise I am very happy with clamav. I use it for 6 month now and had
only 2 virii getting through. One was added to the database several minutes
later, the other is the one above.)

Regards,
   Steffen



-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_idP47&alloc_id808&op=click
_______________________________________________
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Reply via email to