[clamav-users] Detection as PUA.Andr.Trojan.Generic-6878612-0

Micah Snyder (micasnyd) micasnyd at cisco.com
Wed Mar 13 12:07:38 EDT 2019


PUA.Andr.Trojan.Generic-6878612-0 has also been dropped earlier today and will be removed in the next daily update.

Regards,
Micah

On 3/13/19, 7:33 AM, "clamav-users on behalf of Mark Foley" <clamav-users-bounces at lists.clamav.net on behalf of mfoley at novatec-inc.com> wrote:

    On Wed, 13 Mar 2019 11:26:06 +0100 vamp898 wrote:
    >
    > Hi there,
    >
    > since a few days we get a _lot_ detections for 
    > PUA.Andr.Trojan.Generic-6878612-0
    >
    > Office Documents, ZIP Docuemnts, JPEG Images (containing nothing as 
    > JPEG) are all more and more detected at this type. Not all of them but 
    > way too much to see a real pattern what the actual issue is :(
    >
    > Is that something known?
    >
    
    Yes, I'm having the same issue.  Several hundred emails in IMAP folder are FOUND
    with this PUA.  Many of these messages are one or more years old, many of the
    emails are generated from with my office and are unlikely to contain malware. 
    
    I'm wondering how legit this is and whether to actually go through and remove
    hundreds of message from user's mail folder or to set .ign2 to ignore this
    signature.
    
    --Mark
    
    _______________________________________________
    
    clamav-users mailing list
    clamav-users at lists.clamav.net
    https://lists.clamav.net/mailman/listinfo/clamav-users
    
    
    Help us build a comprehensive ClamAV guide:
    https://github.com/vrtadmin/clamav-faq
    
    http://www.clamav.net/contact.html#ml
    



More information about the clamav-users mailing list