Hi there, On Mon, 26 Apr 2021, Haukur Valgeirsson via clamav-users wrote:
I am setting up daily scanning and was figuring out how to whitelist based on file signatures, and decided to use the eicar test files to tune the settings. Used 'sigtool --md5 eicarcom2.zip > falsepossigs.fp' to create the sig to whitelist and proceeded to run test scans and the results were a little surprising:
Given your description of what you did I'd struggle to reproduce it. Please give full details of how you are running the scans, the exact unaltered output as you see it, and the output of 'clamconf -n'. -- 73, Ged. _______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
