[clamav-users] Win.Trojan.Zwangi-432 / Osx.Exploit.CVE_2006_0848 / PHP.Shell-29
birgit.ducarroz at unifr.ch
Wed Jul 9 04:43:44 EDT 2014
Tried to join the malware (an .exe file) , tried to join the email (as
an .eml file).
For both the form does reject, saying:
" The sample is empty. This file is not detected by ClamAV. Please
update your CVD database before reporting false-positives. If you are
using third-party databases/unofficial signatures, please contact the
author of the signature. We can only process false-positives generated
by ClamAV Official signatures.
Please correct the above errors and retry."
In your form is also an URL (What is PUA?) - When klicking on the link,
the page says "Search Results: Sorry, but you are looking for something
that isn't here."
Thank you for help again..
On 09. 07. 14 10:26 , DUCARROZ Birgit wrote:
> oki, thank you!
> I will do this in the next few minutes.
> - Birgit
> On 08. 07. 14 13:28 , Joel Esler (jesler) wrote:
>>> On Jul 8, 2014, at 5:11, "DUCARROZ Birgit"
>>> <birgit.ducarroz at unifr.ch> wrote:
>>> Platform: You mean the platform where clamav is installed, not the
>>> platform the virus is for, just?
>> Yes. The platform where ClamAV is.
>>> What do you mean I must attach with "raw message"? The output of the
>>> virus-scan? Or the file containing the virus (or false positive)?
>> If it's an email, please attach the whole thing. If it's a malware,
>> attach the malware.
>> Help us build a comprehensive ClamAV guide:
> Help us build a comprehensive ClamAV guide:
Unix Systems Administration
Department of Informatics
University of Fribourg Switzerland
mailto:birgit.ducarroz at unifr.ch
Phone: +41 (26) 300 8342
More information about the clamav-users