Based on my work as a sigmaker for Clam AV for the last 4 years, below is my suggestion as to how the average ClamWin user can tell whether or not a file is infected if it is not detected by ClamWin.

If there is any doubt as to whether or not a file is infected, scan it on Jotti or Virus Total. I suggest you pick 5 AVs to use as "trigger" AVs. If 2 of these 5 AVs say a file is infected, assume that it is. Pick your AVs carefully. I will mention 3 different stragegies you can use below. If you are still in doubt after a scan, try to find the date that Jotti or Virus Total first saw the file in question. If it is older than a few weeks, there should probably be lots of AVs that detect it if it is really infected. If you are still in doubt, wait a day or two for the AVs to get more signatures, and then re-scan the file.

These AVs license their scan engine to others: AntiVir, Avast, Bitdefender, Ikarus, Kaspersky, Sophos, and Virus Buster. They make good triggers because their scan engines are respected by other AVs.

These AVs are the largest AVs: Microsoft, McAfee, Sophos, Symantec, and Trend Micro. They make good triggers because they have lots of users and have to get it right.

These AVs have good heuristics/generic signatures: AntiVir, Bitdefender, NOD32, Kaspersky, and Sophos. They make good triggers because they are good at detecting new malware.

Jotti and Virus Total will send samples to Clam AV of any infected files that it does not detect, and ClamWin will get the new signature when Clam publishes it. Scanning on Jotti or Virus Total is easy--just upload the file, and it just takes a minute or so if they are not too busy.

Regards,

Thank you for this information,was very helpful!