[clamav-users] Html.Malware.Agent-7380889-0 false positive on Apache files?
Christina Qian
christina.qian at ayasdi.com
Thu Nov 14 17:55:22 UTC 2019
Got it. Thank you very much for your help. I will just add the file to
exclusive path then.
Christina Qian
On Thu, Nov 14, 2019 at 6:34 AM G.W. Haywood via clamav-users <
clamav-users at lists.clamav.net> wrote:
> Hi there,
>
> On Wed, 13 Nov 2019, Christina Qian wrote:
>
> > Thank you very much for your reply. I just realized that I was on the
> wrong
> > thread though. I meant to ask the reason for the alarms below, or at
> least
> > to confirm it's a false alarm, so I can just exclude the files. Do you or
> > anybody on the list has information on this? Thanks.
> > ...
> > /folder_name/jupyter/miniconda2/include/openssl/tls1.h:
> > YARA.php_malware_hexinject.UNOFFICIAL FOUND
> >
> /folder_name/jupyter/miniconda2/pkgs/openssl-1.0.2k-1/include/openssl/tls1.h:
> > YARA.php_malware_hexinject.UNOFFICIAL FOUND
> > /folder_name/anaconda2/pkgs/openssl-1.0.2k-1/include/openssl/tls1.h:
> > YARA.php_malware_hexinject.UNOFFICIAL FOUND
>
> Those files are published in open source packages. If you have any
> concerns about them you can always go to the originals and compare.
>
> In my view scanning files in this way causes more problems (and this
> is probably one of the most frequent) than it can ever solve.
>
> --
>
> 73,
> Ged.
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20191114/3ac51139/attachment.htm>
More information about the clamav-users
mailing list