7 October 2009
Researching false positives reported by ClamWin
Several months back, I had to wrestle with a virus on my work computer (obtained via network shares, though I was never really sure how; best guess was an autorun weakness someone had heard about). Around a year ago my home laptop was infected. McAffee was useless, so I used a combination of Malwarebytes and ClamWin to do the clean up. I've had ClamWin running nightly ever since but unfortunately have had a few false positives. One on 17 July and another on 26 July. The hpHosts blog was a top hit in both instances.
Got another warning this morning: clamwin user32.dll.infected: Trojan.Onlinegames-1755
. Searching on that brought up a thread on the ClamWin forums, which then pointed me to their article "How can I report a virus that ClamWin doesn't recognise? Or a false positive?". From this, they pointed to the VirusTotal site, which allows you to upload a file for it to examine and report the results from various virus scans. Very useful. Their scan of my suspect file showed it was clean.
[ updated 16 Dec 2009 ]
Report false positives directly to ClamAV here.
- Smart watch 2 posted by sstrader on 12 March 2015 at 12:38:39 PM
- Smart watch posted by sstrader on 13 September 2014 at 12:22:31 PM
- FreedomPop posted by sstrader on 8 January 2013 at 4:48:48 PM
- The HTC Flyer Android tablet posted by sstrader on 27 December 2011 at 6:06:18 PM
- Ownership posted by sstrader on 29 April 2011 at 6:09:12 PM Other entries categorized in Science & Technology:
- Posthuman dystopia posted by sstrader on 22 March 2015 at 10:21:25 AM
- Today's reading list posted by sstrader on 19 January 2014 at 12:10:54 PM
- Closing posted by sstrader on 18 January 2014 at 9:51:27 AM
- Info wars 2010 posted by sstrader on 13 February 2010 at 11:50:50 AM
- Limiting noise posted by sstrader on 15 December 2009 at 9:58:00 AM