[clamav-users] Eicar test string now returning Win.Trojan.Trojan-605
alvarnell at mac.com
Tue May 17 02:25:33 EDT 2016
I’m unable to replicate your findings:
~/Downloads/2016-05-16/eicar.txt: Eicar-Test-Signature FOUND
Taking a look at the current daily.cld I see entries in both ignore sections:
daily.ign 1374 002516 fake:1:Dont_remove_this_line
daily.ign2 1072 002573 fake_dont_remove_this_line
I wonder if it’s engine specific? Are you using 0.99.x
On Mon, May 16, 2016 at 01:45 PM, Jason J. W. Williams wrote:
> Looks like EICAR is getting classified as Win.Trojan.Trojan-605 again
> (daily 21557).
> On Wed, Mar 16, 2016 at 8:54 PM, Al Varnell <alvarnell at mac.com> wrote:
>> The new database was just made available, so I recommend you hold off
>> until you have the new mail.cvd v57 and daily.cvd v21466 before getting too
>> excited about this.
>> On Wed, Mar 16, 2016 at 08:49 PM, Jason J. W. Williams wrote:
>>> As of the latest daily update, running ClamAV against the EICAR test
>>> reports Win.Trojan.Trojan-605 instead of Eicar-Test-Signature.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2370 bytes
Desc: not available
More information about the clamav-users