[clamav-users] Latest samba source contains Win.Trojan.Qhost-106?
Joel Esler (jesler)
jesler at cisco.com
Wed Mar 30 21:08:16 UTC 2016
The largest place where ClamAV is deployed is on mail gateways. However ClamAV is deployed everywhere. Desktops, servers, mail gateways, I’ve even heard of people compiling for their Android platform, and of course Windows.
--
Joel Esler
Manager, Talos Group
On Mar 30, 2016, at 4:53 PM, C.D. Cochrane <cdc at post.com<mailto:cdc at post.com>> wrote:
Hi, I am the new guy here so please forgive my ignorance :) But "ClamAV is the open source standard for mail gateway scanning software" It sure seems like a lot of people are getting hot about FPs on files that are NOT received as emails? I keep seeing log files, samba distributions and full Windows C:\ scans where people complain about false positives. Shouldn't that be product other than ClamAV doing these scans? I mean if it's not arriving in your inbox as an attachment why are you scanning it with ClamAV?
Sent: Wednesday, March 30, 2016 at 2:18 PM
From: "Paul Kosinski" <clamav-users at iment.com<mailto:clamav-users at iment.com>>
To: clamav-users at lists.clamav.net<mailto:clamav-users at lists.clamav.net>
Subject: [clamav-users] Latest samba source contains Win.Trojan.Qhost-106?
I just downloaded samba-4.4.0.tar.gz (the latest) from samba.org<http://samba.org>, and,
after downloading via HTTPS, ClamAV (0.99.1/21479) reports that the gz
file contains Win.Trojan.Qhost-106. In particular, the single file
wintest.py in the subdirectory wintest is reported.
_______________________________________________
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list