Quite a few months ago, I had a false positive on a file that I ran through VirusTotal. I went through the proper process of submitting it, and it was subsequently cleared in newer clam signature updates, and this was verified by checking the version info.

However, I noticed that it kept coming up as a false positive on VirusTotal. I noticed that the ClamAV version reported on VT is still 0.94.1 while the latest appears to be 0.95.2. If you are relying on VirusTotal to clear your false positive, you may not be getting the most up to date results. It appears that the clamav version that is being used on VT is using an older signature file.

I contacted Julio who runs VT and he told me the following:



I've sent in the web form to the ClamWin https://www.clamwin.com/component/option,com_contact/task,view/contact_id,1/Itemid,64/ Contact Us page, assuming that my request was not really a tech support issue, but it wasn't answered. Thus I'm asking here: would whomever is the ClamWin person who normally has updated VirusTotal's scanner in the past please be so kind as to do so again? Or at least provide me or Julio with a contact so we can get this up to date.

Many thanks

I didn't know that VirusTotal used a Windows version of Clam. I do recall seeing that 0.94 version for some time now, however. The scanning services used to use Linux versions. At any rate, Clam has discontinued their SODG version some time ago, and that was probably what was being furnished. I have not heard anything about ClamWin furnishing anything to any of the scanning services. ClamWin is available for download from the ClamWin website at any time.

As long as VirusTotal is getting the signature updates, they are current. The only problem is that the current version of Clam/ClamWin (v 0.95.2) has some additional functionality that v 0.94 does not have. This isn't all bad, however, because version .95.2 is a bit more apt to register some false positives than v 0.94. In addition, it probably doesn't matter to most users, but ClamWin v.95 and up don't allow some of the previous command line commands and v.94 still does.

If Sherpya or Alch read this, they should consider contacting VirusTotal to see if a copy of ClamWin would be adequate for their needs, although it will not be an official Clam product.

Regards,

Nope, I checked with Julio at VirusTotal. He says he needs the "official" version from Clam--the ClamWin version won't do. I'll notify Clam in case they've dropped the ball. A lot has been going on over there lately.

Regards,

That's odd, I asked over there and they sent me here. Thanks for checking.

use more than one anti virus softwares

Sorry but your comment makes no sense whatsoever and is completely irrelevant to my request.

GuitarBob, I'm glad you are here often enough to answer people's questions.