Hi, > I don't see how that is even remotely possibly. They are three completely > different hash signatures: > >[daily.hsb] >9027093eab2a193081a763001e947371:4292:Html.Malware.Agent-6625344-0:73 >[daily.hsb] >5591165097d53565d4e5f4e9fda8241a:7367:Html.Malware.Agent-6625164-0:73 >[daily.hsb] >f4116176a108054001a0e29e2ea105e6:6996:Html.Malware.Agent-6625283-0:73 > >You should have already submitted this file to ClamAV as a false positive, so >what was it's MD5 hash?
I have submitted two files which have been reported. Their MD5 sums are: 88cc3123fce88d61b7c2cdbfc33542c5 httpclient-4.3.3.jar 9221d898bfa2fa19fa9bc307351f34a1 storm-submit-tools-1.1.1.jar Strangely, they are reported with the same signature. And after whitelisting the first one, the second one is reported. And then the third ... This started about 10 days ago, nothing has been reported before that. Thanks, Peter Albrecht Senior Linux Administrator Wirecard Service Technologies GmbH Einsteinring 35 | 85609 Aschheim | Germany Tel: +49 (0) 89 4424-191076 https://www.wirecard.com ________________________________________________________________________________________________________ Amtsgericht München HRB Nummer 238 150 Geschäftsführer: Thomas Neef, Susanne Steidl, Yiannakis Ioannou VERTRAULICHE INFORMATIONEN! Diese E-Mail enthält vertrauliche Informationen und ist nur für den berechtigten Empfänger bestimmt. Wenn diese E-Mail nicht für Sie bestimmt ist, bitten wir Sie, diese E-Mail an uns zurückzusenden und anschließend auf Ihrem Computer und Mail-Server zu löschen. Solche E-Mails und Anlagen dürfen Sie weder nutzen, noch verarbeiten oder Dritten zugänglich machen, gleich in welcher Form. Wir danken für Ihre Kooperation! CONFIDENTIAL! This email contains confidential information and is intended for the authorized recipient only. If you are not an authorised recipient please return the email to us and then delete it from your computer and mail-server. You may neither use nor edit any such emails including attachments, nor make them accessible to third parties in any manner whatsoever. Thank you for your cooperation. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml