GuitarBob
Joined: 09 Jul 2006 |
Posts: 9 |
Location: USA |
|
 |
Posted: Mon Dec 24, 2012 12:53 am |
|
 |
 |
 |
 |
The sendvirus link at Clam AV is the only way to report a file that is falsely-detected by ClamWin as infected with malware (virus, worm, rootkit, exploit, etc.). ClamWin uses the Clam AV scanning engine and signature database, as it ports over the Clam AV Linux code over to Windows.
The sendvirus procedure fairly easy to use--except maybe for the first time. On the sendvirus page, you have one link to report a false positive and another link to report/send a real malware sample. You should click the false positive link. Once you do, you will see the false positive reporting form. Insert your name and email address and tell them if you want to be notified when they have fixed the false positive. Clam needs actual files that are falsely detected as malware, so next click on browse and find the file on your computer that is falsely-detected and click on it. The file will be put in the box on the form next to browse. Next, go on down the page and insert the name of the malware tha is falsely detected--or you can just paste in the Description area on the report the section of the ClamWin scan report that mentions the false positive detection, which will have the falsely-detected malware name. They click on submit, and you are finished. It may take 30 seconds or a bit longer for Clam to upload the file from your computer to their submission interface. Wait until you get a message that your submission has been accepted--you may have to move the page up to see the message.
Submitting a malware sample is very similar to this procedure for submitting a false positive, but you have to select the submit a malware sample link to do that. Clam needs the actual files--it can do nothing with a ClamWin scan report.
You will be helping about 500,000 or so other ClamWin users every time you submit a false positive or malware sample.
Thanks for using ClamWin!
Regards,
|