On Fri, Jan 12, 2018 at 08:31 PM, Paul B. wrote: > I just ran a scan on my root drive, and had 3 hits. I ran each of them > by VirusTotal, and each VT had ClamAV reporting them as Clean. The > output here was: > > /home/paul/.config/vivaldi/Default/Extensions/kbmfpngjjgdllneeigpgjifpgocmfgmb/5.10.1_0/foreground.entry.js.map: > Html.Exploit.CVE_2017_8738-6336184-2 FOUND > > /home/paul/.wine/drive_c/users/Public/Application Data/The > Word/Cache/twrestart.exe: PUA.Win.Packer.BorlandDelphiKo-3 FOUND > > /home/paul/.wine/drive_c/Program Files (x86)/The Word/Uninst.exe: > PUA.Win.Trojan.Casino-141 FOUND
Since you believe these to be False Positives, you should upload them to <http://www.clamav.net/reports/fp <http://www.clamav.net/reports/fp>> then return here with a hash value for each file. > The first one is the reddit extension suite, RES, an extension to the > vivaldi browser. The second and third pertain to a Windows Bible > program I use on WINE on Linux. I would be very surprised if there is > anything actually wrong with #2 or #3, and I doubt anything's wrong > with #1. #2 did pull four hits on VirusTotal, out of 66 engines. But > ClamAV at VT passed all three files. > > I could simply write an exclusion for these files, but I wonder why > this disparity exists. > > Thanks, > Paul -Al- -- Al Varnell ClamXAV user _______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
