ZIP.SFX file in folder of WinRAR
https://www.virustotal.com/pt/file/dcc3cb4e49113a420f01c68de3b53b8a39bf510bf433ba1ee98b747909c468c7/analysis/1377131504/
MD5 258a7fca19d29a2de2b7107ac075cd02
SHA1 a095a1ad8725c70055f5de37fc5cd44966710357
SHA256 dcc3cb4e49113a420f01c68de3b53b8a39bf510bf433ba1ee98b747909c468c7
ssdeep1536:C33z6S7VVPwNPgU/0TOn0IxKVVOoothObMZ7O9h81U3lta:cPRuJo0o/OooObMZa908lI
File size 79.2 KB ( 81130 bytes )
File type Win32 EXE
-----------------------------------------------------------------------------------------------
is a file that is part of the installation of winrar, i wanted to submit the "Submit FP" and "Submit Malware" in the clamav site, the more and say it is not detected as virus but my
clamwin 0.97.8 daily.cld updated (version: 17717, sigs: 1637038, f-level: 63, builder: neo)
Downloading bytecode-225.cdiff [100%]
bytecode.cld updated (version: 225, sigs: 42, f-level: 63, builder: dgoddard)
Database updated (2681467 signatures) from database.clamav.net (IP: 64.6.100.177)
detects this file as "Trojan.Banload-1361"
if you can reporting it to the clamav!
-----------------------------------------------------------------------------------------------


hugs fellow
PD: google tradutor sucks... heheh

It appears the file is a true false positive. On Virus Total no major AVs detect anything, and the file was first seen November 27, 2011. If it was really infected, many AVs should detect it by now.

You need to upload each false positive file (or undetected virus file) to Clam AV via their submit a file link. At the link, there is one page for reporting a false positive and another page for reporting an undetected virus. Clam needs to work with actual files--it can not work with hashes.

Regards,