Re: [clamav-users] False Positive - Win.Exploit.CVE_2016_3316-1?

The offending signature has been dropped from the signature set. This should be reflected shortly in an upcoming signature update. - Alain On Wed, Aug 10, 2016 at 6:10 AM, Al Varnell wrote: > The only way to be notified is if you submit a sample to the ClamAV False >

Re: [clamav-users] False Positive - Win.Exploit.CVE_2016_3316-1?

On Wed, August 10, 2016 7:22 am, ANANT S ATHAVALE wrote: > Hi, > > > Most of the mails are marked with Win.Exploit.CVE_2016_3316-1. Is > this a false positive? Finally got it... blank LibreOffice.doc file... blank.doc: Win.Exploit.CVE_2016_3316-1 I've added a whitelist entry to

Re: [clamav-users] False Positive - Win.Exploit.CVE_2016_3316-1?

The only way to be notified is if you submit a sample to the ClamAV False Positive site that I referenced earlier. Otherwise, you’ll just have to query the database periodically to see if and when it is removed or ignored. -Al- On Wed, Aug 10, 2016 at 02:32 AM, Robert Boyle wrote: > > Can

Re: [clamav-users] False Positive - Win.Exploit.CVE_2016_3316-1?

On Wed, August 10, 2016 10:52 am, Jan-Pieter Cornet wrote: > On 10-8-16 08:22, ANANT S ATHAVALE wrote: > >> Hi, >> >> >> Most of the mails are marked with Win.Exploit.CVE_2016_3316-1. Is >> this a false positive? > > Created a completely empty .doc file using LibreOffice on linux, and the >

Re: [clamav-users] False Positive - Win.Exploit.CVE_2016_3316-1?

Am 10.08.2016 um 11:52 schrieb Jan-Pieter Cornet: On 10-8-16 08:22, ANANT S ATHAVALE wrote: Hi, Most of the mails are marked with Win.Exploit.CVE_2016_3316-1. Is this a false positive? Yes. Created a completely empty .doc file using LibreOffice on linux, and the resulting file was

Re: [clamav-users] False Positive - Win.Exploit.CVE_2016_3316-1?

On 10-8-16 08:22, ANANT S ATHAVALE wrote: > Hi, > > Most of the mails are marked with Win.Exploit.CVE_2016_3316-1. Is this a > false positive? Yes. Created a completely empty .doc file using LibreOffice on linux, and the resulting file was recognized as Win.Exploit.CVE_2016_3316-1. This

Re: [clamav-users] False Positive - Win.Exploit.CVE_2016_3316-1?

Am 10.08.2016 um 11:32 schrieb Robert Boyle: I see that you have added Win.Exploit.CVE_2016_3316-1 to whitelist.ign2 Can you please advise when this whitelist update is available to all users? you can place your own .ign2 file in the signature folder, that's the whole point of different

Re: [clamav-users] False Positive - Win.Exploit.CVE_2016_3316-1?

Hi, I see that you have added Win.Exploit.CVE_2016_3316-1 to whitelist.ign2 Can you please advise when this whitelist update is available to all users? Thanks RB ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq

Re: [clamav-users] False Positive - Win.Exploit.CVE_2016_3316-1?

Signature was just added yesterday, so there’s a good chance. Be sure and submit a couple of samples to so that it can be taken care of for all. -Al- On Tue, Aug 09, 2016 at 11:22 PM, ANANT S ATHAVALE wrote: > > Hi, > > Most of the mails are marked with

Re: [clamav-users] False Positive - Win.Exploit.CVE_2016_3316-1?

On 08/10/2016 08:22 AM, ANANT S ATHAVALE wrote: Hi, Most of the mails are marked with Win.Exploit.CVE_2016_3316-1. Is this a false positive? seems so! added Win.Exploit.CVE_2016_3316-1 to whitelist.ign2 ___ Help us build a comprehensive ClamAV

[clamav-users] False Positive - Win.Exploit.CVE_2016_3316-1?

Hi, Most of the mails are marked with Win.Exploit.CVE_2016_3316-1. Is this a false positive? -- सादर धन्यवाद/ Thanks & Regards अनंत / Anant -- Confidentiality Notice: This e-mail message,