Re: [Clamav-devel] NEF-file with Dos.Flip.Gen
- Original message - I found a .NEF-file with vulnerability Dos.Flip.Gen. What does that malware do? What is usually the best way to investigate virus names, which are used in ClamAV? DSC_4113.NEF: TIFF image data, big-endian main.cld: Dos.Flip.Gen (Clam)=0ebbb2??81c1eb How do you trace signature that you doubt it's virus? It's show debug on clamav debug mode,right? I can send the sample if that helps. - Henri Salo ___ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net ___ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: [Clamav-devel] NEF-file with Dos.Flip.Gen
On Mon, Feb 13, 2012 at 08:00:37AM +0700, Chatsiri Ratana wrote: - Original message - I found a .NEF-file with vulnerability Dos.Flip.Gen. What does that malware do? What is usually the best way to investigate virus names, which are used in ClamAV? DSC_4113.NEF: TIFF image data, big-endian main.cld: Dos.Flip.Gen (Clam)=0ebbb2??81c1eb How do you trace signature that you doubt it's virus? It's show debug on clamav debug mode,right? In my normal scanning I found a file named DSC_4113.NEF with infection Dos.Flip.Gen and I did grep main.cld for the string and tried to Google for more information. After I didn't find anything useful I am asking here to get more information how to vefiry this sample is indeed malware and not a false-positive. At the moment I have NO idea what Dos.Flip.Gen means. - Henri Salo ___ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net
[Clamav-devel] NEF-file with Dos.Flip.Gen
I found a .NEF-file with vulnerability Dos.Flip.Gen. What does that malware do? What is usually the best way to investigate virus names, which are used in ClamAV? DSC_4113.NEF: TIFF image data, big-endian main.cld: Dos.Flip.Gen (Clam)=0ebbb2??81c1eb I can send the sample if that helps. - Henri Salo ___ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net