GuitarBob
Joined: 09 Jul 2006 |
Posts: 9 |
Location: USA |
|
 |
Posted: Thu Nov 14, 2013 6:05 pm |
|
 |
 |
 |
 |
Yes, a false positive is when something is wrongly detected as a virus. A false negative detection is when something is not detected and it should be.
Anyway, your detections are probably false (Virtumonde doesn't seem to be that active now), but you should upload each one to either Jotti or Virus Total to be scanned by multiple AV programs, including the Clam AV scanning engine used by ClamWin. Look for at least a couple of detections by quality AVs for verification. I like to see at least a couple of these AVs detect something: Avira AntiVir, Bitdefender, Eset Nod32, Kaspersky, or Sophos. Avast, Fortinet, and Microsoft are also pretty good. Microsoft seldom gets a false positive. If a virus file is very new, it may not be detected by very many AVs until it has been around for a couple of days, so maybe a detection of only one of quality AV would be sufficient then. The AV service will tell you when they have last scanned a file.
You should submit all false positive detections to Clam AV at https://www.clamav.net/lang/en/sendvirus/ on the web so they can change the signature. There is one link for false positive submissions and another link for undetected virus submission.
Thank you for using ClamWin!
Regards,
|