The MD5 of the false positive file that I submitted to the website:MD5 hash of file Standard Job1.xlsx: eb 28 c5 01 b2 14 91 5a 70 31 59 92 56 9e f6 10
From: Joel Esler (jesler) <jes...@cisco.com> To: ClamAV users ML <clamav-users@lists.clamav.net> Sent: Tuesday, September 12, 2017 5:55 AM Subject: Re: [clamav-users] CVE-2017-11241 - Synology DIskStation AV Essentials Depends on your operating system, but googling “how do I find the md5 of a file” for your OS should turn of plenty of results. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> On Sep 11, 2017, at 5:42 PM, Judd Grayzel <judd_gray...@yahoo.com<mailto:judd_gray...@yahoo.com>> wrote: Where do I get the MD5 for the file? Sent from my iPhone On Sep 11, 2017, at 1:42 PM, Joel Esler (jesler) <jes...@cisco.com<mailto:jes...@cisco.com>> wrote: You want to submit some false positives to us via the website, followup here with the md5s of the files you submit, the malware team can take a look. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com><mailto:jes...@cisco.com> On Sep 11, 2017, at 3:06 PM, Judd Grayzel <judd_gray...@yahoo.com<mailto:judd_gray...@yahoo.com><mailto:judd_gray...@yahoo.com>> wrote: My Synology Diskstation running the Anti-Virus Essentials (ClamAV based engine) quarantined almost 1000 files for the CVE-2017-11241 vulnerability. This CVE references a problem with Adobe Acrobat, but the files that are being quarantined are Microsoft Excel fIles. Do these files really have a virus of some sort, or is this a False/Positive situation? _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net><mailto:clamav-users@lists.clamav.net> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml