Re: [clamav-users] /home/gene/firefox/browser/omni.ja: Html.Exploit.CVE_2017_8750-6336209-0 FOUND

2017-10-23 Thread Tsutomu Oyamada
Hi, Joel. Thank you. The issue of false positive for Html.Exploit.CVE_2017_8750-6336209-0 has been solved, but the issue of Html.Exploit.CVE_2017_8757-6336185-0 has not been solved yet. Could you Drop this signature as well ? On Fri, 20 Oct 2017 14:47:24 + "Joel Esler (jesler)" wrote: >

Re: [clamav-users] /home/gene/firefox/browser/omni.ja: Html.Exploit.CVE_2017_8750-6336209-0 FOUND

2017-10-23 Thread Al Varnell
Did you submit a sample of it as a false positive report? If so please reply with a hash value for the file you submitted. Sent from my iPhone -Al- -- Al Varnell Mountain View, CA > On Oct 23, 2017, at 9:50 PM, Tsutomu Oyamada wrote: > > Hi, Joel. > > Thank you. > The issue of false positi

[clamav-users] Signatur help - php injection

2017-10-23 Thread Hajo Locke
Hello list, currently i found sometimes hexed php-code like this in hacked cms. https://www.unphp.net/decode/9343fc7753f51080ad5d7817720956f0/ http://ddecode.com/hexdecoder/?results=9c4971e2e8f3cc6e00865e3a1dfd20bc https://www.unphp.net/decode/18679f0e27962531abffc36b8c869ce0/ Not my domains, jus