Hey Douglas! Would you like to provide the hash of the file? That would help us confirm it's a FP. There's also a research about a specific version of Elmedia Player being trojanized that might provide more insight: https://www.welivesecurity.com/2017/10/20/osx-proton-supply-chain-attack-elmedia/
Best regards, Lilia On Tue, Dec 10, 2019 at 9:03 AM Douglas Stinnette <dstin...@vcu.edu> wrote: > > Seems to me that this is a false positive. > /Applications/Elmedia Player.app/Contents/MacOS/Elmedia Player > Osx.Trojan.Proton-6352635-0 FOUND > > I sent a copy of the file to other vendors to double check it and they > reported it was not malware. > > I have submitted false positives to ClamAV before and never received an > update on them: > https://www.clamav.net/reports/fp > > What do others do when they get ClamAV false positives? > Thanks, > Doug > > -- > > > Doug Stinnette > > VCU Technology Services > > Endpoint Security Specialist > > Virginia Commonwealth University > > 827-0933 > > > > Don't be a phishing victim - VCU and other reputable organizations will > never use email to request that you reply with your password, Social > Security number or confidential personal information. For more details > visit http://go.vcu.edu/phishing or http://phishing.vcu.edu. > > _______________________________________________ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml >
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
