Jari Fredriksson wrote:
I have not tried virustotal.
I have the zip file and the extracted exe as well on disk, and clamscan does
NOT detect it.
I have F-Prot and BitDefender in my amavisd-new as well, and I have no problems detecting these.
The point in this post is that ClamAV website claims ClamAV detects them, but
it does not. It should be added to the signatures.
I think this is a new variant of some older trojan, which ClamAV detects.
Well. I have a similar situation. I quarantine zip files and after that
I run clamdscan on the quarantine. Some virus are sometimes detected,
sometimes not, and sometimes they're detected after some time, some
days, after signature update. These virus are : Trojan.Downloader-77566,
Trojan.Agent-122848, Trojan.Agent-122843, Trojan.Agent-122845 and
Trojan.Downloader.Bredolab-1393. There are some very small differences
on the base64 encoded file.
I submitted some of them to virustotal and they weren't detected by the
Clamav version on virustotal. Well, the detection rate (scanners
detecting them) varies between 30 and 50 %.
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
