|
Expertone
| Joined: 02 Jan 2013 |
| Posts: 0 |
|
|
|
 Posted: Fri Dec 07, 2018 2:48 pm |
|
 |
 |
|
|
ClamWin (latest version: https://gyazo.com/5cd79d3fb8209560b99d17433a4a8fa3 ) on win2012 server, detected Uranium backup v9.6.1.6984 compromised by a virus.
C:\Program Files (x86)\Uranium Backup\Uranium.exe: Win.Trojan.Generic-6629246-0 FOUND
i think is a false positive, i've tested uranium.exe with virus total and seems clean.
https://gyazo.com/788a74e9ce4db2c5237e8a06e4426065
Even clamAV on VirusTotal have passed the test, so why
there is a way to exclude the uranium.exe from antivirus scanning??
thanks
|
|
|
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
| Posted: Sat Dec 08, 2018 10:09 pm |
|
|
|
|
|
ClamWin uses the Clam AV scan engine, so they are usually the same in detection. However, ClamWin is a couple of versions behind Clam AV now, and perhaps it is missing some of the new Clam AV code which causes it to detect your file. This sometimes happens.
You can exclude (whitelist) a file from scanning by ClamWin via Tools, Preferences, Filters, Exclude Matching Filenames. Just insert the entire location--folder, subfolder, filename, extension. Example: C:\Malware\Testsets\Testfile.exe. (no period at end). Exclude an entire folder via: C:\Malware\*. (no period at end). Whitelisting will exclude the file from directory scanning; however, it will not be excluded during a single file scan.
Thanks for using ClamWin!
Regards,
|
|
|
