[clamav-users] Win.Malware.Krucky-7009041-0 false positive
Al Varnell
alvarnell at mac.com
Sun Jul 21 09:54:23 UTC 2019
It has been dropped by daily 25517 which should have been available about an hour ago and I'm no longer seeing it in the database after a freshclam update.
-Al-
On Sat, Jul 20, 2019 at 12:47 PM, Al Varnell via clamav-users wrote:
> I can confirm that it's still in the database thru today's daily 25516 update.
>
> -Al-
>
> On Sat, Jul 20, 2019 at 11:02 AM, Joel Esler (jesler) via clamav-users wrote:
>> Signature has already been dropped.
>>
>> Sent from my iPhone
>>
>> On Jul 20, 2019, at 07:37, Groach via clamav-users <clamav-users at lists.clamav.net <mailto:clamav-users at lists.clamav.net>> wrote:
>>
>>> Already have done. But I have never (no exaggeration) had any success with it being actioned when reported only on that website. So I am also sending this notification to the mail list on the hope that that is more productive.
>>>
>>> Thanks
>>>
>>>
>>>
>>> On 20/07/2019 12:22, Matus UHLAR - fantomas wrote:
>>>> On 20.07.19 11:53, Groach via clamav-users wrote:
>>>>> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe: Win.Malware.Krucky-7009041-0 FOUND
>>>>>
>>>>> The file is from Adobe Acrobat (genuine file from 2011). Virustotal hash: https://www.virustotal.com/gui/file/5821567d7dd99623257aea794023ef4200e6e17fd09656b40d97c44a35c701bb <https://www.virustotal.com/gui/file/5821567d7dd99623257aea794023ef4200e6e17fd09656b40d97c44a35c701bb>
>>>>>
>>>>> Can we get the definition reviewed/removed please?
>>>>
>>>> you should report false positive on:
>>>>
>>>> https://www.clamav.net/reports/fp <https://www.clamav.net/reports/fp>
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users at lists.clamav.net <mailto:clamav-users at lists.clamav.net>
> https://lists.clamav.net/mailman/listinfo/clamav-users <https://lists.clamav.net/mailman/listinfo/clamav-users>
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq <https://github.com/vrtadmin/clamav-faq>
>
> http://www.clamav.net/contact.html#ml <http://www.clamav.net/contact.html#ml>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20190721/c44f79c5/attachment.htm>
More information about the clamav-users
mailing list