[clamav-users] ClamAV sends lots of False Positives : Heuristics.Structured.CreditCardNumber FOUND
Zeal Vora
zeal at freecharge.com
Wed Oct 28 06:31:41 UTC 2015
Thanks Dennis.
So if i want to scan the whole system for Malwares etc and only 1
particular folder for CC information, is there any way I can do that ?
On Wed, Oct 28, 2015 at 4:44 AM, Dennis Peterson <dennispe at inetnw.com>
wrote:
> Yes - of course it can.
>
> clamscan --help |egrep "include|exclude"
>
> dp
>
>
> On 10/27/15 12:23 AM, Zeal Vora wrote:
>
>> Hi
>>
>>
>> We have ClamAV on servers and it sends a lot of False Positives related to
>> : Heuristics.Structured.CreditCardNumber FOUND
>>
>> Almost 99% of the alerts are the same.
>>
>> Can we have ClamAV to look for CreditCardNumber only on certain
>> directories
>> instead of the whole file system ? How can we do that ?
>>
>> Our Current ClamAV scan is :-
>>
>> clamscan \
>> --quiet \
>> --stdout \
>> --infected \
>> --suppress-ok-results \
>> --official-db-only=yes \
>> --log=$LOGFILE \
>> --recursive \
>> --cross-fs=yes \
>> --follow-dir-symlinks=0 \
>> --follow-file-symlinks=0 \
>> --remove=no \
>> --exclude-dir=/dev \
>> --exclude-dir=/sys \
>> --detect-structured=yes \
>> --scan-mail=yes \
>> --phishing-sigs=yes \
>> --phishing-scan-urls=yes \
>> --heuristic-scan-precedence=yes \
>> --algorithmic-detection=yes \
>> --scan-pe=no \
>> --scan-elf=yes \
>> --scan-ole2=no \
>> / \
>> > $REPORTFILE 2>&1
>>
>>
>>
>> Any help will be appreciated.
>> _______________________________________________
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>>
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
More information about the clamav-users
mailing list