GuitarBob
Joined: 09 Jul 2006 |
Posts: 9 |
Location: USA |
|
 |
Posted: Tue Nov 06, 2018 11:36 pm |
|
 |
 |
 |
 |
ClamWin uses the Clam AV scanning engine and signatures from the open source Clam AV project. The Clam AV signatures find a bit more false positive detections than other AVs. I suggest that you scan the file(s) involved with the free Virus Total online scanner. If 2 of these AVs detect an infection, I will believe it is a valid detection: Avira, Bitdefender, Eset Nod 32, Kaspersky, or Sophos. If they do not, then look to see if at least 2 other major AVs detect it--such as Microsoft, Avast, AVG...
If it is a false positive detection that is only detected by Clam AV on Virus Total, Virus Total will send a copy of the file to Clam AV so they can correct their signature, which will eventually be received by ClamWin in a Clam AV signature update. This may take several days, however, so you might be able to speed things up by uploading a copy of the falsely-detected file to Clam AV via the Contacts link on the Clam AV web site. Be sure to select the false positive link--not the report a virus link. You can temporarily exclude/whitelist a file from ClamWin's scans via the Tools, Preferences, Filters, Exclude Matching Filenames menu item. I would give Clam AV about 2 weeks to correct their signature--no one works on Clam fulltime at Cisco.
Thanks for using ClamWin!
|