[clamav-users] PUA.Pdf.Trojan.EmbeddedJS-1 and PUA.Win.Trojan.EmbeddedPDF-1
polloxx
polloxx at gmail.com
Thu Mar 31 14:25:55 UTC 2016
That's known to me Steve.
I'm afraid malware will not be detected in that case.
P.
On Thu, Mar 31, 2016 at 3:43 PM, Steve Basford <
steveb_clamav at sanesecurity.com> wrote:
>
> On Thu, March 31, 2016 2:33 pm, polloxx wrote:
> > Since the new Clamav database we have a lot more false positives for
> > PUA.Pdf.Trojan.EmbeddedJS-1 and PUA.Win.Trojan.EmbeddedPDF-1.
> > What can we do about this, except disabling PUA?
>
> Create a local.ign2 with the following lines:
>
> PUA.Pdf.Trojan.EmbeddedJS-1
> PUA.Win.Trojan.EmbeddedPDF-1
>
> Place in ClamAV database folder and restart clamd
>
> Cheers,
>
> Steve
> Web : sanesecurity.com
> Blog: sanesecurity.blogspot.com
> Twitter: @sanesecurity
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
More information about the clamav-users
mailing list