[clamav-users] False positives submitted but still viewed as viruses
Maarten Broekman
maarten.broekman at endurance.com
Mon Feb 8 14:23:59 UTC 2016
If you don't want to wait, you can also whitelist the files in your own
database files.
Run either of the following:
sigtool --sha256 <filename>
sigtool --md5 <filename>
Put the output into a '.fp' file in your db directory and that should
whitelist that specific file so it's not reported.
--Maarten
On Mon, Feb 8, 2016 at 9:00 AM, Steve Basford <
steveb_clamav at sanesecurity.com> wrote:
>
> On Mon, February 8, 2016 1:27 pm, Klaas TJEBBES wrote:
> > Hi.
> >
> >
> > I've submitted several false positives but at the end of the submission
> > form I don't get any "submission-ID" so I cannot track my submissions.
> >
> > The files I've submitted (a week ago) are still detected as viruses.
> >
> Hi,
>
> If you don't know the ID, can you post a list of md5(s) for the team to
> lookup (I think that's currently how it works)
>
> Cheers,
>
> Steve
> Web : sanesecurity.com
> Blog: sanesecurity.blogspot.com
> Twitter: @sanesecurity
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
More information about the clamav-users
mailing list