That's known to me Steve. I'm afraid malware will not be detected in that case.
P. On Thu, Mar 31, 2016 at 3:43 PM, Steve Basford < steveb_cla...@sanesecurity.com> wrote: > > On Thu, March 31, 2016 2:33 pm, polloxx wrote: > > Since the new Clamav database we have a lot more false positives for > > PUA.Pdf.Trojan.EmbeddedJS-1 and PUA.Win.Trojan.EmbeddedPDF-1. > > What can we do about this, except disabling PUA? > > Create a local.ign2 with the following lines: > > PUA.Pdf.Trojan.EmbeddedJS-1 > PUA.Win.Trojan.EmbeddedPDF-1 > > Place in ClamAV database folder and restart clamd > > Cheers, > > Steve > Web : sanesecurity.com > Blog: sanesecurity.blogspot.com > Twitter: @sanesecurity > > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
