[clamav-users] PUA.Pdf.Trojan.EmbeddedJS-1 and PUA.Win.Trojan.EmbeddedPDF-1
Steve Basford
steveb_clamav at sanesecurity.com
Thu Mar 31 13:43:34 UTC 2016
On Thu, March 31, 2016 2:33 pm, polloxx wrote:
> Since the new Clamav database we have a lot more false positives for
> PUA.Pdf.Trojan.EmbeddedJS-1 and PUA.Win.Trojan.EmbeddedPDF-1.
> What can we do about this, except disabling PUA?
Create a local.ign2 with the following lines:
PUA.Pdf.Trojan.EmbeddedJS-1
PUA.Win.Trojan.EmbeddedPDF-1
Place in ClamAV database folder and restart clamd
Cheers,
Steve
Web : sanesecurity.com
Blog: sanesecurity.blogspot.com
Twitter: @sanesecurity
More information about the clamav-users
mailing list