Re: [clamav-users] Quick question on submissions to the ClamAV site..

2018-03-08 Thread Alain Zidouemba
Ideally just the information requested by these forms: http://www.clamav.net/reports/malware http://www.clamav.net/reports/fp In particular, for FPs, the exact name of the signature that alerted, as requested by the "Virus Name" field, would help expedite resolution. Thanks, - Alain On Thu, M

Re: [clamav-users] fp Img.Malware.Agent-6499558-0

2018-05-07 Thread Alain Zidouemba
We have enough information to state that Img.Malware.Agent-6499558-0 is a false positive. The signature has been dropped, and this should be reflected shortly in a new CVD. Thanks, - Alain On Mon, May 7, 2018 at 9:38 AM, Benny Pedersen wrote: > Joel Esler (jesler) skrev den 2018-05-07 03:27: >

Re: [clamav-users] DWFx files tagged as Xml.Exploit.CVE_2018_4975-6545149-0

2018-06-21 Thread Alain Zidouemba
We actually got another FP report for the signature Xml.Exploit.CVE_2018_4975-6545149-0 triggering on AutoCAD DWFx files. We dropped Xml.Exploit.CVE_2018_4975-6545149-0 from the signature set earlier today pending further investigation on how the signature could be re-written to avoid FPs on these

Re: [clamav-users] Bytecode 86 failed to run

2018-07-10 Thread Alain Zidouemba
This issue should be resolved now. If the issue persists for you, let us know. - Alain On Mon, Jul 9, 2018 at 12:14 AM, wrote: > On my debian 9, clamav 0.100.0+dfsg-0+deb8u1) I got following error: > > clamscan /media/6b300944-6e7c-493e-b9c9-faeebb70a415/nastenka > /srv/dev-disk-by-label-white/

Re: [clamav-users] No virus updates for 31 hours?

2018-07-18 Thread Alain Zidouemba
An update should be out momentarily. Thanks, - Alain On Wed, Jul 18, 2018 at 12:49 PM, Michael Da Cova wrote: > Hi > > do we know if there is a problem with updates, I not seen any also > > Michael > > > > On 18/07/18 13:52, Paul Kosinski wrote: > >> Judging by the DNS TXT record, we have seen

Re: [clamav-users] Create custom cvd file

2018-07-24 Thread Alain Zidouemba
No need to create a CVD. Just put the files you want to use (.hdb, .mdb, .ldb, etc...) in a directory and point clamscan or clamd to that directory. You can also put your custom signature files in the same directory as main.cvd and daily.cvd and ClamAV will pick those up. - Alain On Tue, Jul 24,

Re: [clamav-users] Bytecode 86 failed to run

2018-08-07 Thread Alain Zidouemba
Tilman: What's the MD5 or SHA256 of the file, so I can see if we already have it? Thanks, - Alain On Tue, Aug 7, 2018 at 9:50 AM, Tilman Schmidt wrote: > The problem is back, this time with two bytecodes: 2 and 90. > ClamAV version is 0.100.1. > The last clamscan run without the error was on

Re: [clamav-users] Bytecode 86 failed to run

2018-08-13 Thread Alain Zidouemba
Win.Malware.Agent-6641126-0 is set to be removed from the next CVD. - Alain On Mon, Aug 13, 2018 at 5:28 AM, Tilman Schmidt wrote: > Am 08.08.2018 um 10:40 schrieb Tilman Schmidt: > > Am 07.08.2018 um 22:24 schrieb Alain Zidouemba: > >> We do not have the sample. Please

Re: [clamav-users] Osx.Trojan.AppleJeus-6667011-1 False Positive

2018-09-02 Thread Alain Zidouemba
The next CVD should correct this FP. Thanks for reporting. - Alain On Sun, Sep 2, 2018 at 5:18 AM, Al Varnell wrote: > Found in the current (and probably several previous versions) of Skype for > Mac. > > Found here /Applications/Skype.app/Contents/Frameworks/Electron > Framework.framework/Vers

Re: [clamav-users] Malware alert???

2018-10-13 Thread Alain Zidouemba
Do you have the specific signature name that alerted? -Alain On Oct 13, 2018, at 11:12 AM, Matthes, Marc wrote: Same here Marc Matthes Director of Computer Networking Programs Iowa Central CC 5155741099 -- *From:* clamav-users on behalf of Jean-Francois Tasse *Se

Re: [clamav-users] Can't detect deceptive URL's as infected !!

2018-12-12 Thread Alain Zidouemba
The PhishTank URLs being dropped from daily.cvd have nothing to do with false positives. We are just rotating in and out the top phishing URLs based on number of DNS lookups per hour. - Alain On Wed, Dec 12, 2018 at 6:23 AM Joel Esler (jesler) wrote: > Not sure. Perhaps Alain can chime in. My tea

Re: [clamav-users] No good deed goes unpunished, or, why CVD files don't work

2018-12-15 Thread Alain Zidouemba
> When a new cdiff is released, is a new daily.cvd also released at the same time? Yes. -Alain > On Dec 15, 2018, at 4:26 PM, J.R. wrote: > > When a new > cdiff is released, is a new daily.cvd also released at the same time?

Re: [clamav-users] Lots of Generic rule hits recently

2019-02-05 Thread Alain Zidouemba
Both signatures we dropped on 2/4/19. - Alain On Tue, Feb 5, 2019 at 10:21 AM Orion Poplawski wrote: > We are starting to see a bunch of these being flagged. Anyone else > seeing issues with these? > > *INFECTED*: > > * Txt.Packed.Generic-6840866-0 : > https://cdn.onesignal.com/

Re: [clamav-users] Are there any plans to develop ClamAV Endpoint Antivirus in the near future?

2019-03-16 Thread Alain Zidouemba
Check out http://www.immunet.com/. It includes the ClamAV engine. -Alain On Mar 16, 2019, at 9:31 AM, Turritopsis Dohrnii Teo En Ming < c...@teo-en-ming-corp.com> wrote: Good evening from Singapore, Are there any plans to develop ClamAV Endpoint Antivirus in the near future? Like Symantec

Re: [clamav-users] False Positive for Txt.Coinminer.Generic-7132166-0

2019-08-27 Thread Alain Zidouemba
The signature needs a little tweaking, and will be revised. Revision 0 (Txt.Coinminer.Generic-7132166-0) has been dropped and this will be reflected in the next signature update. - Alain On Tue, Aug 27, 2019 at 11:25 AM Brian Cole via clamav-users < clamav-users@lists.clamav.net> wrote: > > > H

Re: [clamav-users] Html.Malware.Agent-7380889-0 false positive on Apache files?

2019-11-12 Thread Alain Zidouemba
The alert was a false positive, and the offending signature has been removed. Thanks, -Alain On Tue, Nov 12, 2019 at 10:35 AM Maarten Broekman via clamav-users < clamav-users@lists.clamav.net> wrote: > That's a hash signature. My guess is that there's 315 byte file inside the > jar that was mar

Re: [clamav-users] Osx.Adware.TotalAdviseSearch-7489207-0 FOUND

2020-01-09 Thread Alain Zidouemba
Confirming that those are false positives, thanks for reporting. The offending signature has been dropped. This should be reflected in the next signature update. - Alain On Thu, Jan 9, 2020 at 12:29 PM Douglas Stinnette wrote: > This definition is detecting many files that appear to be safe. >

Re: [clamav-users] Clamav signature

2020-09-17 Thread Alain Zidouemba
It means that you are using ClamAV version 0.102, with the main.cvd signature file version 59, and the daily.cvd signature file version 25920. -Alain On Thu, Sep 17, 2020 at 1:12 PM Jeff Koch wrote: > > HI > > Looking through our scanning logs we see what appears to be a signature > that looks
