Re: [clamav-users] ClamAV has detected Pdf.Phishing.CWS4c384287-9890237-0

2021-09-10 Thread Alain Zidouemba
The signature causing this FP alert has been dropped earlier today. This should be reflected in the next signature definitions update. Thanks for reporting the issue. -Alain On Fri, Sep 10, 2021 at 4:48 PM Andreas Rulle wrote: > Hi, > > a detection of Pdf.Phishing.CWS4c384287-9890237-0 has

[clamav-users] ClamAV has detected Pdf.Phishing.CWS4c384287-9890237-0

2021-09-10 Thread Andreas Rulle
Hi, a detection of Pdf.Phishing.CWS4c384287-9890237-0 has been checked on www.virustotal.com, see [1], and a report has been issued on the page https://www.clamav.net/reports/fp because only ClamAV has a detection in [1]. It would be great if someone could have a first look at that report.

Re: [clamav-users] Pdf.Phishing.CWS4c384287-9890237-0

2021-09-10 Thread Lilia Gonzalez Medina
Hi Dan! Thank you for bringing this to our attention. From a quick check of some of the samples alerting with this signature it does seem like it could be causing FPs. The signature will be dropped for now. Best regards, Lilia Gonzalez Malware Research Team Cisco Talos On Fri, Sep 10, 2021 at

Re: [clamav-users] Possible to use clamdscan to scan a file on the clamd host?

2021-09-10 Thread G.W. Haywood via clamav-users
Hi there, On Fri, 10 Sep 2021, Choate, Nathan via clamav-users wrote: ... we would like to use clamdscan to tell clamd to scan the mounted volume contents from its container, not through a stream from the client. Is that possible? Yes, using the clamd API. Here's a cut-n-paste of me doing

Re: [clamav-users] Possible to use clamdscan to scan a file on the clamd host?

2021-09-10 Thread Kris Deugau
Choate, Nathan via clamav-users wrote: Hello, I’ve recently been experimenting with using the recently built ClamAV Docker image in a Kubernetes deployment. We want to utilize the ClamAV container in our deployment alongside a basic server application running in a separate pod. We think

Re: [clamav-users] Possible to use clamdscan to scan a file on the clamd host?

2021-09-10 Thread Choate, Nathan via clamav-users
Thanks for the quick response! My apologies, I wasn't trying to get too hung up on the details of the deployment. I was just trying to give some sort of background as to why I'm asking this question. In short, the main question I was hoping to get clarification on was: If clamdscan is

Re: [clamav-users] Pdf.Phishing.CWS4c384287-9890237-0

2021-09-10 Thread eric-list
Dan, You can use sigtool: #sigtool --find-sigs Pdf.Phishing.CWS4c384287-9890237-0 | sigtool --decode-sigs Looks like a cmap definition so a definition of character sets to Unicode. Could definitely be a false positive, send samples to https://www.clamav.net/reports/fp Sincerely,

[clamav-users] Pdf.Phishing.CWS4c384287-9890237-0

2021-09-10 Thread Dan Jaap via clamav-users
Can someone explain what the classification "Pdf.Phishing.CWS4c384287-9890237-0" means? I assume it has something to do with a link found in a document. However, we've had several of these lately and I can't see anything wrong with the documents. We're using clamav with OPSWAT Metadefender,

Re: [clamav-users] Why does clamonacc says /var/www does not exist (among other things)?

2021-09-10 Thread Matus UHLAR - fantomas
On 09.09.21 16:53, dee heffemm via clamav-users wrote: We use autofs to mount some shared directories under www for the webserver and after disabling autofs, the error has gone away. Due to how clamonaccess works, it is not compatible with autofs. You'll have to use static mounts, or

Re: [clamav-users] clamscan information

2021-09-10 Thread Matus UHLAR - fantomas
On 02.09.21 15:45, Karakanovski, Anton via clamav-users wrote: I am writing regarding more information related to usage of clamscan. First I want to share the problem/observation that we have - currently we try to make three scans at the same time (some kind of performance test using jmeter) but

Re: [clamav-users] clamav-users Digest, Vol 201, Issue 24

2021-09-10 Thread Vaughn A. Hart
I found the conf files in the root folder of my home directory. ~\ On Mon, Aug 30, 2021 at 8:01 AM wrote: > Send clamav-users mailing list submissions to > clamav-users@lists.clamav.net > > To subscribe or unsubscribe via the World Wide Web, visit >

Re: [clamav-users] clamav-users Digest, Vol 201, Issue 24

2021-09-10 Thread Vaughn A. Hart
I didn't uninstall. I'll wait for a response. Sorry about the extra communication. On Mon, Aug 30, 2021 at 8:01 AM wrote: > Send clamav-users mailing list submissions to > clamav-users@lists.clamav.net > > To subscribe or unsubscribe via the World Wide Web, visit >

Re: [clamav-users] clamav-users Digest, Vol 201, Issue 24

2021-09-10 Thread Vaughn A. Hart
>Please tell us exactly how you installed the package. I installed running the Mac OS installer pkg from the website. I did the right-click to bypass Gatekeeper and the warning. >Have you installed any previous version of ClamAV? In particular, have you previously installed any version 0.104

[clamav-users] Possible to use clamdscan to scan a file on the clamd host?

2021-09-10 Thread Choate, Nathan via clamav-users
Hello, I've recently been experimenting with using the recently built ClamAV Docker image in a Kubernetes deployment. We want to utilize the ClamAV container in our deployment alongside a basic server application running in a separate pod. We think the ideal pattern would be to have the ClamAV

Re: [clamav-users] Failed to download daily

2021-09-10 Thread Matus UHLAR - fantomas
On 09.09.21 18:10, Scattone, Russell via clamav-users wrote: I keep getting this message and really need the CVD's to install on an isolated system and have been doing it this way because there is no copy of CVD's on the other systems that are updating. 2021-09-09 11:52:49 cvdupdate-0.2.0