subject:"\[clamav\-users\] PUA.Win.Trojan.EmbeddedPDF\-1 and PUA.Pdf.Trojan.EmbeddedJavaScript\-1"

Re: [clamav-users] PUA.Win.Trojan.EmbeddedPDF-1 and PUA.Pdf.Trojan.EmbeddedJavaScript-1

2017-10-26 Thread Mark Foley

You are right! I disabled the ign2 file containing a couple of bytecode signatures generating false positives (to see if they were fixed), but I didn't notice that I also had these two 'trojan' signatures in the same file. I've re-enabled the PUA.*Trojan* signatures in the ign2 file and my notices

Re: [clamav-users] PUA.Win.Trojan.EmbeddedPDF-1 and PUA.Pdf.Trojan.EmbeddedJavaScript-1

2017-10-25 Thread Al Varnell

We discussed these same two last December: Usage questions on local.ign2 > -Al- On Wed, Oct 25, 2017 at 08:33 AM, Mark Foley wrote: > Today I got cl

[clamav-users] PUA.Win.Trojan.EmbeddedPDF-1 and PUA.Pdf.Trojan.EmbeddedJavaScript-1

2017-10-25 Thread Mark Foley

Today I got clamscan notices for PUA.Pdf.Trojan.EmbeddedJavaScript-1 and PUA.Win.Trojan.EmbeddedPDF-1 on over 100 old email files that have been out there for years. Are these false positives? --Mark ___ clamav-users mailing list clamav-users@lists.cla