Hi Tim,
Did you get a chance to submit that archive of false negatives? Just need a
hash of the archive to find it in our repositories.
On Wed, Jan 11, 2017 at 12:28 PM, Tim Tepatti wrote:
> Sounds good to me, I'll submit them in an archive then.
>
> Also, another question: If a virus is picked
Are you using the most updated version of the tool? It should work.
--
Sent from my iPhone
> On Jan 11, 2017, at 11:07 AM, Tim Tepatti wrote:
>
> Hello,
>
> I recently started using ClamAV and have a small database of virus samples
> on my computer. I noticed that when scanning some of these
The new naming conventions no longer include a virus name. That has been true
since the most recent main.cvd was released. I believe this is because of the
amount of manual effort required to determine exactly what a malware sample is
and the lack of uniformity in naming malware across the indus
Excuse my ignorance, sorry. Why is the name given so generic? With other
AVs I'm used to names like "Linux.Net-Worm.Virus_Name.a" that include a
name, so when I saw "Agent-(numbers)" I figured it was a generic name.
On Wed, Jan 11, 2017 at 12:32 PM, Alain Zidouemba wrote:
> Unix.Malware.Agent-18
Unix.Malware.Agent-1847425 is not a heuristics detection.
- Alain
On Wed, Jan 11, 2017 at 12:28 PM, Tim Tepatti wrote:
> Sounds good to me, I'll submit them in an archive then.
>
> Also, another question: If a virus is picked up as a generic
> "Unix.Malware.Agent-1847425", does that mean that t
Sounds good to me, I'll submit them in an archive then.
Also, another question: If a virus is picked up as a generic
"Unix.Malware.Agent-1847425", does that mean that the sample was detected
as malicious through heuristics or something like that, but the actual
specific sample isn't known?
Thanks
Hi Tim,
For the time being, I would compress the samples and submit the resulting
archive file. Be sure to mention this in the Description field of the form.
You can also send the file name to me, and I'll make sure the samples get
processed.
On Wed, Jan 11, 2017 at 12:07 PM, Tim Tepatti wrote:
