|Main Archive Page > Month Archives > clamav-users archives|
Please run freshclam again and scan the file. It should not be alerting
On Thu, May 15, 2014 at 10:07 AM, Shaun Hurley <email@example.com>wrote:
> Julian and Al,
> I thought this was signature was removed on Tuesday. I think I found the
> problem and should have this resolved later today.
> Please let me know if you have any questions.
> Thank you,
> Shaun Hurley
> Cisco Malware Reseearcher
> On Thu, May 15, 2014 at 3:40 AM, Al Varnell <firstname.lastname@example.org> wrote:
>> On Thu, May 15, 2014 at 12:34 AM, Julian Hansmann wrote:
>> > Am 15.05.2014 09:11, schrieb Al Varnell:
>> >> On Thu, May 15, 2014 at 12:04 AM, Julian Hansmann wrote:
>> >>> thank your very much for your responses. I added the signatures
>> >>> name to the whitelist which works flawless.
>> >> The signature was removed almost immediately after the
>> >> announcement, so you should no longer need the whitelist.
>> > Unfortunately I doubt that:
>> > $ sudo freshclam
>> > ClamAV update process started at Thu May 15 09:31:47 2014
>> > main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60,
>> > builder: neo)
>> > daily.cld is up to date (version: 18987, sigs: 953271, f-level: 63,
>> > builder: neo)
>> > bytecode.cvd is up to date (version: 236, sigs: 43, f-level: 63,
>> > builder: dgoddard)
>> > $ clamscan test.eml
>> > test.eml: Email.Trojan-417 FOUND
>> > $ clamscan -d ../ignore.ign2 test.eml
>> > test.eml: OK
>> So it is. I could swear I checked Tuesday afternoon and couldnâ€™t find
>> it, but itâ€™s there now. Perhaps I was confusing it with one of the other
>> two FPâ€™s Iâ€™m tracking. One is gone, but Iâ€™m still waiting on the second
>> one to be modified.
>> Al Varnell
>> Mountain View, CA
>> Help us build a comprehensive ClamAV guide:
Help us build a comprehensive ClamAV guide: