This signature is in the process of being dropped. The signature is a ZMD
and PUA is not supported for this type. Once it is dropped it will be
re-published under a non PUA name.
If you would still like to ignore these alerts you can add the new
signatures' names to a whitelist.ign file in your Cl
On 4. sep. 2014 07.54.34 Andreas Schulze wrote:
It's handy to point a user to the official Website to proof that he's
running outdated viresscanner.
Freshclam gives a warning of outdates here just fine, does not need
external tools to tell me that, are admins so dump todays ?
__
I started receiving this virus warning, and I think it's a false alarm. I
read that I could use clamscan --detect-pua=no to have clamscan ignore such
PUA warnings, but that didn't work.
How should I proceed? I notice that this virus definition just got added
yesterday (http://blog.gmane.org/gmane.
Hi Doug,
On Thu, Sep 4, 2014 at 11:54 AM, Douglas Goddard
wrote:
> Thank you for catching that. PUA is not supported for this signature type,
> I will drop the signature and rename it to avoid the confusion of the
> incorrect PUA label. You'll need to whitelist the new name when that
> appears i
Thank you for catching that. PUA is not supported for this signature type,
I will drop the signature and rename it to avoid the confusion of the
incorrect PUA label. You'll need to whitelist the new name when that
appears in a next day or so.
Sorry for the inconvenience,
Doug
On Thu, Sep 4, 2014
I'm looking into the PUA issue and will follow up about that.
On Thu, Sep 4, 2014 at 11:43 AM, Douglas Goddard
wrote:
> That is a zip signature looking for double extension files. So, it is
> interesting that it is alerting on a .txt file, unless that is a zip file
> in disguise.
>
> You can wh
That is a zip signature looking for double extension files. So, it is
interesting that it is alerting on a .txt file, unless that is a zip file
in disguise.
You can whitelist the signature by adding a whitelist.ign file to your
ClamAV database directory (for me, the path is: /usr/local/share/clama
In the past day we have had clamscan on several servers detect infected
files due to: PUA.Windows.DoubleExtension-zippwd-3
I've read the clamscan manpage but have not had any luck with getting the
"--detect-pua" option to work. Example:
# clamscan --detect-pua=no ./sample-msg1.txt
./sample-msg1
On Thu, Sep 04, 2014 at 07:53:30AM +0200, Andreas Schulze wrote:
> Am 26.08.2014 20:56, schrieb Joel Esler (jesler):
> > * Elimination of dead links and pages
> >
> I was told the old website contained the current patternversion
> somewhere. That function is also gone away.
> It's handy to p
