Discussion:
[clamav-users] False positive
Groach
2018-08-03 06:36:22 UTC
An overnight scan has just pulled out a false positive on a program.
It's against WinSCP (file transfer program) that is a genuine download
and been used for years. It's not the first time it has been hit as a
FP and took several attempts previously to get it whitelisted before but
now it's back as an FP detection again.

I've uploaded/reported against http://www.clamav.net/reports/fp.

Is there a chance of it being picked up and actioned? If so, how
long will it take?

Thanks
Joel Esler (jesler)
2018-08-03 13:31:28 UTC
What is the md5?

_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Groach
2018-08-04 07:00:55 UTC
I don't know. I am an administrator of the server following the procedure given by your website (i.e., reporting the FP to your website) and now currently sat in a field on a (supposed) vacation. I don't have the time or will to research extra tools or install software to do further research beyond that of the instructions of use in the ClamAV documentation. I can tell you that the FP happened again last night:

winscp551.zip: Win.Trojan.Generic-6629296-0 FOUND


(I won't bother uploading the FP to the website again).

Does the report help?