Hi there, On Thu, 7 May 2020, Pascal De Meerleer via clamav-users wrote:
... whitelisting a file themedesigner.war Creating an md5 signature and writing it to a file with extension .fp # sigtool --md5 themedesigner.war a264955211fd1fb5dc952430c4ee6674:14824637:themedesigner (omitting the last extension, in this case .war)
It is not clear to me from your post exactly what you have done, and I specifically do not understand your comment "(omitting the last extension, in this case .war)" Why would you omit it? Are you expecting to whitelist every file with a name which begins with "themedesigner"? Have you tried _not_ omitting the file extension?
Restarting the clamd scan service
Not necessary, you can signal clamd to reload the databases or just wait until something else does it (such as freshclam, or any scan).
Check if whitelisting found using clamd and clamscan In both cases virus is still FOUND, not whitelisted Any idea what's wrong in my thinking or something I'm missing?
Please make your post much clearer. What exactly is the name of the database file which you created, where in the filesystem did you put it, and what is the exact content of the database file? -- 73, Ged. _______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
