Excuse my ignorance, sorry. Why is the name given so generic? With other AVs I'm used to names like "Linux.Net-Worm.Virus_Name.a" that include a name, so when I saw "Agent-(numbers)" I figured it was a generic name.
On Wed, Jan 11, 2017 at 12:32 PM, Alain Zidouemba <azidoue...@sourcefire.com > wrote: > Unix.Malware.Agent-1847425 is not a heuristics detection. > > - Alain > > On Wed, Jan 11, 2017 at 12:28 PM, Tim Tepatti <ttepa...@gmail.com> wrote: > > > Sounds good to me, I'll submit them in an archive then. > > > > Also, another question: If a virus is picked up as a generic > > "Unix.Malware.Agent-1847425", does that mean that the sample was detected > > as malicious through heuristics or something like that, but the actual > > specific sample isn't known? > > > > Thanks for the info! > > > > On Wed, Jan 11, 2017 at 12:23 PM, Christopher Marczewski < > > cmarczew...@sourcefire.com> wrote: > > > > > Hi Tim, > > > > > > For the time being, I would compress the samples and submit the > resulting > > > archive file. Be sure to mention this in the Description field of the > > form. > > > You can also send the file name to me, and I'll make sure the samples > get > > > processed. > > > > > > On Wed, Jan 11, 2017 at 12:07 PM, Tim Tepatti <ttepa...@gmail.com> > > wrote: > > > > > > > Hello, > > > > > > > > I recently started using ClamAV and have a small database of virus > > > samples > > > > on my computer. I noticed that when scanning some of these samples > > ClamAV > > > > will report that the file is OK even though its a known virus. > > > > > > > > I originally tried using the clamsubmit utility included in clamav > but > > it > > > > doesn't appear to work anymore, just giving a 404 page not found > > error. I > > > > then went through the ClamAV website to submit the false negatives, > but > > > > noticed you can only submit one file at a time and I have 10+ to > > submit. > > > Is > > > > there any way I could bulk-submit false negatives, at least if > they're > > > from > > > > the same virus family? > > > > > > > > Thanks, > > > > > > > > - Tim > > > > _______________________________________________ > > > > clamav-users mailing list > > > > clamav-users@lists.clamav.net > > > > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > > > > > > > > > > Help us build a comprehensive ClamAV guide: > > > > https://github.com/vrtadmin/clamav-faq > > > > > > > > http://www.clamav.net/contact.html#ml > > > > > > > > > > > > > > > > -- > > > Christopher Marczewski > > > Research Engineer > > > Talos Group > > > cmarczew...@sourcefire.com > > > Phone: 443.430.7118 > > > _______________________________________________ > > > clamav-users mailing list > > > clamav-users@lists.clamav.net > > > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > > > > > > > Help us build a comprehensive ClamAV guide: > > > https://github.com/vrtadmin/clamav-faq > > > > > > http://www.clamav.net/contact.html#ml > > > > > _______________________________________________ > > clamav-users mailing list > > clamav-users@lists.clamav.net > > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > > > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > > > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
