Xml.Exploit.CVE_2013_3860-1 FOUND |
ROCKNROLLKID
|
I suggest you upload the file to virustotal and make sure it is safe. If it is, then please file a false positive report at ClamAV's false positive mail here: http://www.clamav.net/contact
|
||||||||||||
|
karthikeyan
|
Hello
As scanned infected file on Virus total and results seems to be positive. update false positive results to clamv. /usr/share/doc/libxml2-python-2.6.26/reader2.py: Xml.Exploit.CVE_2013_3860-1 FOUND |
||||||||||||
|
GuitarBob
|
Clam AV is often a bit generic on files that are not Windows PE files--like batch files, text files, javascript, and html. There are lots of ways such files can be exploited by malware, and Clam AV does not have enough resources to dig too deep into them.
Over the years, I have learned to trust these AVs: Avira, Bitdefender, Eset Nod 32, Kaspersky, and Sophos. They use their own scan engines--not someone else's, and they have a good commercial user base to keep happy. If at least 2 of them say a file is infected, they are probably correct. Regards, |
||||||||||||
|
Lipper
|
False positive is fixed in daily 21975.
|
||||||||||||
|
Win.Exploit.CVE_2016_3316-1 False positive |
kasa1982
|
Dears,
I am using clamav on my server and unfortunetely, clavas has been detected and moved to "C:\ProgramData\.clamwin\quarantine" ALMOST all of my files. Any idea to restore this files do its original folders without move one by one? I have more than 20 thousands files with this false positive. Please help me. |
||||||||||||
|
GuitarBob
|
You said Clam AV. If you meant ClamWin, then read below. If you are using Clam AV, we cannot help you--Clam AV is a Linux app. ClamWin is a Windows app.
Ouch! The QRestore (quarantine restore) program in the ClamWin Bin folder was made to be used to restore items from quarantine. However...if you also use Clam Sentinel with ClamWin, the Sentinel Restore program is much better. You can click on the checkmark at the top to select all files at once, and then restore them. Sentinel Restore may not work for you if you are not now using it--anyway try it. Otherwise, I suggest you come up with some sort of removal script. Before starting, however, whitelist the entire folder (for now anyway) from both Clam Sentinel and CloamWin. There may be a script available--check the ClamWin forums. For the future: I suggest that you do not use either Clam AV or ClamWin on a server. You need something heavy duty for that sort of use. Good Luck! Regards, |
||||||||||||
|
kasa1982
|
Thanks a lot. It was very helpful.. I will get the tips. |
||||||||||||||
|
Xml.Exploit.CVE_2013_3860-1 FOUND |
|
||
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.