Hello madam and sir, We found some files which were detected as "Win.Malware.Tedy-10043541-0" included In the signature "Daily.cvd:27583" released on 21 March 2025, on some servers (Linux, AIX,Windows) that have ClamAV installed.
We checked to see what they were, because two files of the same malware were detected. They are launcher programs provided by IBM, and two Windows executive programs named as "ScriptLauncher64.exe" and "launchpad64.exe" The hash values of each are as follows: a58caf03eaa7fa003e2d020025b5bd95490a1fccc1f5ee7409b37fe6c7e11b220f39513cdf45501402ad9d6158a312e487f43043f10fc452a9fc3100723234fd ScriptLauncher64.exe 58caf03eaa7fa003e2d020025b5bd95490a1fccc1f5ee7409b37fe6c7e11b220f39513cdf45501402ad9d6158a312e487f43043f10fc452a9fc3100723234fd launchpad64.exe Since these are old programs released in 2017 and 2016 respectively, and are deemed safe by multiple other antivirus software, we believe that there is a high possibility that they are false positive. I also submitted a sample from the "False Positive Report" linked from : https://www.clamav.net/contact、 but I did not receive any response the email address which I entered in the form, so we do not know if it was received by you properly. The form also said, "Refer to [clamav-virusdb] for updates," so we looked up the email archive, but the updates from the past few days did not contain any content I am looking for. (If a false positive is addressed, will it be listed in "Dropped Detection Signatures:" ?) _______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
