[clamav-users] libclamunrar.dll being quarantined by Vipre Enterprise

Micah Snyder (micasnyd) micasnyd at cisco.com
Tue Feb 18 18:24:04 UTC 2020


Thanks for the heads up Brian!

We've reached out to Microsoft to attempt to address the issue.  I will also reach out to the UnRAR developer to make sure he is aware.  Even if Microsoft changes their detection, I suspect the others will continue to alert and we may want to reach out to some of the other companies to correct the FP.

-Micah


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
 


On 2/18/20, 9:18 AM, "clamav-users on behalf of Steve Basford" <clamav-users-bounces at lists.clamav.net on behalf of steveb_clamav at sanesecurity.com> wrote:

    On 2020-02-18 13:58, Brian Fluet wrote:
    > File libclamunrar.dll from ClamAV 0.102.2 win x86 portable is being
    > quarantined by Sunbelt Vipre Enterprise as Trojan.GenericKD.42582612.
    > 
    > The first detection was at 5:44 PM EST on Friday Feb 14.
    > 
    > Microsoft is the only product that flags it as infected on VirusTotal
    > as Trojan:Win32/Detplock.
    > 
    > I submitted the file as a false positive to Sunbelt yesterday but
    > have not heard back.
    > 
    > I apologize if this ends up being a duplicate post.  I attempted one
    > yesterday that has not appeared in the archives.
    > 
    
      SHA-256 
    8244bc93e71a78be156adf1bfef0785b4f3cd6725d095ffe7ed528ff08e8458c
    
    Other AV's are also flagging... but maybe the same FP signature:
    
    https://www.virustotal.com/gui/file/8244bc93e71a78be156adf1bfef0785b4f3cd6725d095ffe7ed528ff08e8458c/detection
    
    
    -- 
    Cheers,
    
    Steve
    Sanesecurity
    
    _______________________________________________
    
    clamav-users mailing list
    clamav-users at lists.clamav.net
    https://lists.clamav.net/mailman/listinfo/clamav-users
    
    
    Help us build a comprehensive ClamAV guide:
    https://github.com/vrtadmin/clamav-faq
    
    http://www.clamav.net/contact.html#ml
    



More information about the clamav-users mailing list