[Pkg-clamav-devel] Bug#833110: clamav: False positive with MonoPosixHelper-x86_64.dll (mono package)

diego cuenta_chunga at hotmail.com
Sun Jul 31 23:42:19 UTC 2016


Package: clamav
Version: 0.99.2+dfsg-2
Severity: minor

Dear Maintainer,

Clamscan detects MonoPosixHelper-x86_64.dll as infected:
Win.Trojan.Agent-1429193

I sent the file to virustotal.com and the only antivirus detecting this
file as infected was clamav.



-- Package-specific info:
--- configuration ---
# Automatically created by the clamav-freshclam postinst
# Comments will get lost when you reconfigure the clamav-freshclam package

DatabaseOwner clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogVerbose false
LogSyslog false
LogFacility LOG_LOCAL6
LogFileMaxSize 0
LogRotate true
LogTime true
Foreground false
Debug false
MaxAttempts 5
DatabaseDirectory /var/lib/clamav
DNSDatabaseInfo current.cvd.clamav.net
ConnectTimeout 30
ReceiveTimeout 30
TestDatabases yes
ScriptedUpdates yes
CompressLocalDatabase no
SafeBrowsing false
Bytecode true
NotifyClamd /etc/clamav/clamd.conf
# Check for new database 24 times a day
Checks 24
DatabaseMirror db.local.clamav.net
DatabaseMirror database.clamav.net

--- data dir ---
total 138056
-rw-r--r-- 1 clamav clamav    446464 Jun 24 21:30 bytecode.cld
drwxr-xr-x 2 clamav clamav      4096 Oct 27  2015 clamav-97891f786b8933c0bf60853f1bb15744.tmp
-rw-r--r-- 1 clamav clamav  31764480 Jul 31 22:28 daily.cld
-rw-r--r-- 1 clamav clamav 109143933 Mar 17 21:24 main.cvd
-rw------- 1 clamav clamav      2444 Aug  1 01:29 mirrors.dat

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.6.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=es_ES.utf8, LC_CTYPE=es_ES.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages clamav depends on:
ii  clamav-freshclam [clamav-data]  0.99.2+dfsg-2
ii  libc6                           2.23-2
ii  libclamav7                      0.99.2+dfsg-2
ii  libcurl3                        7.47.0-1
ii  libssl1.0.2                     1.0.2h-1
ii  zlib1g                          1:1.2.8.dfsg-2+b1

Versions of packages clamav recommends:
ii  clamav-base  0.99.2+dfsg-2

Versions of packages clamav suggests:
pn  clamav-docs  <none>

-- no debconf information


