Re: [clamav-users] False positive - CRDF.Malware-Generic.3661413036.UNOFFICIAL

Steve Basford Tue, 14 Jan 2014 05:33:26 -0800


> Finally I found where this signature is located
> sigwhitelist.ign2:CRDF.Malware-Generic.3661413036
> Does someone know how can I bypass this signature? Which command?


Hi Pawel,

Just to add, that seeing the signature in sigwhitelist.ign2 means that
signature is in your whitelist already..

However, you must be using an older version of the download script, as
ONLY the newest version  of the script will use sigwhitelist.ign2 to
whitelist sigs:

Eg:

Version 3.7.2 (updated 2013-08-25)
   - Added Sanesecurity signature whitelist "sigwhitelist.ign2" file
     to the list of default databases in the config file.

Download available here:
http://sourceforge.net/projects/unofficial-sigs/

Cheers,

Steve
Sanesecurity

_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml

Re: [clamav-users] False positive - CRDF.Malware-Generic.3661413036.UNOFFICIAL

Reply via email to