If you're concerned that they may be flagging with multiple signatures, you can
also test using:
clamscan --allmatch
It will scan for as many signatures as possible instead of just returning the
first one it finds.
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
On Aug 7, 2018,
Correct. Jar files are essentially zip files.
Sent from my iPhone
> On Aug 7, 2018, at 07:00, Maarten Broekman wrote:
>
> JAR files can be unpacked like tarballs so it is likely that there is a
> common file in each that matches those hashes.
>
> Maarten
> Sent from a tiny keyboard
>
>>
JAR files can be unpacked like tarballs so it is likely that there is a common
file in each that matches those hashes.
Maarten
Sent from a tiny keyboard
> On Aug 7, 2018, at 04:54, Albrecht, Peter wrote:
>
> Hi,
>
>> I don't see how that is even remotely possibly. They are three completely
Hi,
> I don't see how that is even remotely possibly. They are three completely
> different hash signatures:
>
>[daily.hsb]
>9027093eab2a193081a763001e947371:4292:Html.Malware.Agent-6625344-0:73
>[daily.hsb]
>5591165097d53565d4e5f4e9fda8241a:7367:Html.Malware.Agent-6625164-0:73
>[daily.hsb]
I don't see how that is even remotely possibly. They are three completely
different hash signatures:
[daily.hsb]
9027093eab2a193081a763001e947371:4292:Html.Malware.Agent-6625344-0:73
[daily.hsb]
5591165097d53565d4e5f4e9fda8241a:7367:Html.Malware.Agent-6625164-0:73
[daily.hsb]
Hi,
We have whitelisted certain signatures for files which are only detected by
ClamAV to be potentially malicious. And now we face the problem that the
same files are reported again, but with a different signature. I already had
this behaviour when I tested with the EICAR test virus.
The
