![]() |
![]() | The scanner screen/list is overflowing and real threats lost | ![]() |
![]() |
![]() | ![]() |
GuitarBob
![]() |
![]() |
Do you need to see the scan results during a scan? Can you look at the scan log to see scan results after the fact? If you have the infected file option set to Quarantine, any threats will be quarantined.
Regards, |
|||||||||||
|
![]() |
![]() | ![]() |
Fojtik
![]() |
![]() |
I have found a lot of false positives inside system files. They are printed as blue and clamwin asks me to send them. It means that Microsoft's digital signature is valid and ensures file integrity - I understand this such a way. The only possible way for infection would be if the Microsoft's certificate has been stolen and misused by hackers. Putting system files to quarantine will completely corrupt operating system.
I really need to enlarge table for more rows otherwise scan result top rows are lost. |
|||||||||||||||
|
![]() |
![]() | ![]() |
GuitarBob
![]() |
![]() |
I do not think Microsoft's cert has been stolen or is invalid. These look like normal system files that are falsely (erroneously) detected due to a bad Clam AV signature. The Clam AV project has an antivirus that is used by Linux email servers. The ClamWin developers prepare a Windows port for the Clam Av Linux code, and ClamWin also uses the virus signatures prepared by the Clam AV project. I recommend that you send one file to Clam AV at https://www.clamav.net/reports/fp on the web. Clam AV should correct their signature within a week or so. You only have to send one file because the false positive detections all seem to be for the same signature. When you get a lot of detections for the same virus, that is a pretty good sign of a true false positive.
These warnings of false positive detections were developed by the ClamWin developers several years ago when we were getting a lot of false positives from Clam AV. You could actually just ignore the false positive detections, but I suggest you do what I said above. Thanks for using ClamWin! Regards, |
|||||||||||
|
![]() |
![]() | ![]() |
Fojtik
![]() |
![]() |
Yes, I will do it. But I have asked in this thread for table to enlarge amount of available rows. The current limitation is very tight without any reason. |
|||||||||||||
|
![]() |
![]() | ![]() |
GuitarBob
![]() |
![]() |
I will pass this on to the developers; however, they are reluctant to make any change to ClamWin. In fact, they have not updated ClamWin for over a year now, and there have been several new updates of Clam AV.
Thanks for using ClamWin. Regards, |
|||||||||||
|
![]() |
![]() | ![]() |
Fojtik
![]() |
![]() |
Thank you very much. I simply guess that amount of lines is in one hardcoded number e.g. property of the widget. The table is still overflowing:
As you can note there are still a lot of false positives. |
|||||||||||||||
|
![]() |
![]() | ![]() |
GuitarBob
![]() |
![]() |
Yes, I see there are lots of false positives. There's nothing ClamWin can do about them. The scan message is just to let you know about it, so you can send the files that are falsely detect to Clam Av so they can change the signature. If all of the false positives detect the same malware, you should only send one or two files and tell Clam their signature falsely detects lots more.
I sent email to the ClamWin developers about this problem with not enough lines in the scan report. That's all I can do, as I am not a programmer. It has been a while now, and since we haven't heard from them, I guess they do not want to change the code to enlarge the number of lines. I don't know for sure, but the original ClamWin code that addresses strictly Windows items may have been written by someone else who is no longer around, and that could be why the developers are reluctant to make any changes. It's just a thought though, and it certainly doesn't help you. I personally rely upon a commercial AV for security and keep ClamWin around for old time's sake. Regards, |
|||||||||||
|
![]() |
![]() | The scanner screen/list is overflowing and real threats lost | ![]() |
|
||
![]() |
![]() |
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.