To whitelist a specific signature from the database you just add the
signature name into a local file with the .ign2 extension and store it
inside /var/lib/clamav.
i.e. echo 'Doc.Trojan.Agent-6923110-0' >> /var/lib/clamav/whitelist.ign2
HTH
Regards
Brent Clark
On 2019/04/10 13:46, Graeme Fowler via clamav-users wrote:
Doc.Trojan.Agent-6923110-0 added 5th April (I think).
Detects potentially dodgy VB/VBA/VBScript macros in Excel docs, but we have one
user who has a completely genuine spreadsheet which contains several complex
database-lookup-related macros which are triggering that sig.
Nothing else has.
Unfortunately I cannot send the file as it contains some fairly sensitive
information :(
Graeme
--
Graeme Fowler
Senior IT Services Specialist / LU Postmaster, Systems Infrastructure, IT
Services
Loughborough University
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
