Hello,
A clamscan running from Linux on a Windows disk (mounted on /mnt )
produced the following results:
/mnt/Windows/System32/user32.dll: Win.Exploit.CVE_2017_8689-6336853-0 FOUND
/mnt/Windows/SysWOW64/user32.dll: Win.Exploit.CVE_2017_8689-6336853-0 FOUND
There were other occurrences of the s
i was going to do the report as you suggested but someone else seems to
have beaten me to it. Clamscan on VirusTotal now reports it as clean as
does my local instance of clamscan and dnsapi.dll.
- JD -
Às 19:30 de 17-02-2016, Al Varnell escreveu:
> Then you need to report that as a False Positive
Thank you for the answer, Joel
Although I wouldn't be surprised myself to learn an ISP included Adware in
something they provided for free, Shopperz was not the one found on my free
copy of Panda Antivirus Pro, it was Uztuby-3 (Shopperz was on dnsapi.dll).That
being said, I had previously downl
On Wed, 7/22/15, G.W. Haywood wrote:
Subject: Re: [clamav-users] How to clean infection by
Docx.Exploit.CVE_2015_1770
To: clamav-users@lists.clamav.net
Date: Wednesday, July 22, 2015, 5:45 PM
Hi there,
On Wed, 22 Jul 2015, JD Ackle wrote
On Wed, 7/22/15, Noel Jones wrote:
I would suspect a false positive if a MS Office
document virus is
reported in anything other
than an MS Office document.
Thank you for the reply, Noel.
Should I submit the concerrning files to the False Posit
to know how can I remove
Docx.Exploit.CVE_2015_1770 from Windows/System32/config/SOFTWARE (any
particular key or value I should be looking for?), so that I'm sure it's not
its loading into RAM at startup that's making its signature appear on
/pageFile.sys.
Thanks in advance,
JD Ackle
