Re: [clamav-users] Virus information database?

2012-05-07 Thread Al Varnell
On 5/7/12 5:35 PM, "Pepijn Schmitz" wrote: > On 07-05-12 20:44, Al Varnell wrote: >>> And is there no place where I can find more information about the trojan >>> ClamAV thinks it is detecting? Surely there is more information than a >>> hex string, somewhere? >> The only one that might know some

Re: [clamav-users] Virus information database?

2012-05-07 Thread Pepijn Schmitz
Hi Tom, On 08-05-12 02:52, TR Shaw wrote: > Pepijn > > Not sure what your issue is. First, virus names are not uniform. You should > not expect them to be. I /don't/ expect them to be. But I expect to be able to find some other information about them than a cryptic name and an MD5 hash /somewhe

Re: [clamav-users] Virus information database?

2012-05-07 Thread TR Shaw
On May 7, 2012, at 8:35 PM, Pepijn Schmitz wrote: > Hi Al, > > On 07-05-12 20:44, Al Varnell wrote: >>> And is there no place where I can find more information about the trojan >>> ClamAV thinks it is detecting? Surely there is more information than a >>> hex string, somewhere? >> The only one t

Re: [clamav-users] Virus information database?

2012-05-07 Thread Pepijn Schmitz
Hi Al, On 07-05-12 20:44, Al Varnell wrote: >> And is there no place where I can find more information about the trojan >> ClamAV thinks it is detecting? Surely there is more information than a >> hex string, somewhere? > The only one that might know something about it is the member of the > signa

Re: [clamav-users] Virus information database?

2012-05-07 Thread Pepijn Schmitz
Hi Török, On 07-05-12 21:46, Török Edwin wrote: > On 05/07/2012 09:44 PM, Al Varnell wrote: >> The hex string being matched is the MD5 of the file, but it doesn't match >> the one listed in VirusTotal so I'm confused here. > Its the MD5 of a section of your executable file [*] Virustotal doesn't p

Re: [clamav-users] Virus information database?

2012-05-07 Thread Pepijn Schmitz
Hi Henri, On 07-05-12 21:29, Henri Salo wrote: > Could you also send the sample to http://anubis.iseclab.org/ I did as requested. You can view the result at: http://anubis.iseclab.org/?action=result&task_id=17b7c7df4a9514704d1d5ef54cabada48

Re: [clamav-users] Virus information database?

2012-05-07 Thread Török Edwin
On 05/07/2012 09:44 PM, Al Varnell wrote: > On 5/7/12 10:49 AM, "Pepijn Schmitz" wrote: > >> Hi Chuck, >> >> On 07-05-12 19:17, Chuck Swiger wrote: >>> VirusTotal is a site at https://www.virustotal.com/ which lets one upload >>> files and scan them against all of the major malware engines. This

Re: [clamav-users] Virus information database?

2012-05-07 Thread Al Varnell
On 5/7/12 10:49 AM, "Pepijn Schmitz" wrote: > Hi Chuck, > > On 07-05-12 19:17, Chuck Swiger wrote: >> VirusTotal is a site at https://www.virustotal.com/ which lets one upload >> files and scan them against all of the major malware engines. This will show >> you all of the false-positive matche

Re: [clamav-users] Virus information database?

2012-05-07 Thread Henri Salo
Could you also send the sample to http://anubis.iseclab.org/ - Henri Salo ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml

Re: [clamav-users] Virus information database?

2012-05-07 Thread Chuck Swiger
On May 7, 2012, at 10:49 AM, Pepijn Schmitz wrote: > Hi Chuck, > > On 07-05-12 19:17, Chuck Swiger wrote: >> VirusTotal is a site at https://www.virustotal.com/ which lets one upload >> files and scan them against all of the major malware engines. This will >> show you all of the false-positive

Re: [clamav-users] Virus information database?

2012-05-07 Thread Pepijn Schmitz
Hi Chuck, On 07-05-12 19:17, Chuck Swiger wrote: > VirusTotal is a site at https://www.virustotal.com/ which lets one upload > files and scan them against all of the major malware engines. This will show > you all of the false-positive matches and let you see what the malware is > being called

Re: [clamav-users] Virus information database?

2012-05-07 Thread Chuck Swiger
Hi-- On May 7, 2012, at 8:16 AM, Pepijn Schmitz wrote: > I'm asking because ClamAV is currently causing trouble for me by falsely > detecting something it calls "Trojan.Agent-281708" in my program, > worldpainter_0.8.6.exe. I can find no information on this > "Trojan.Agent-281708" online. The o

[clamav-users] Virus information database?

2012-05-07 Thread Pepijn Schmitz
Hi everyone, I'm sure I must be missing something, but where can I find the ClamAV virus information database? Not to download, but for me to search for information about an alleged trojan detected by ClamAV? I'm asking because ClamAV is currently causing trouble for me by falsely detecting so