false positives in ClamTk?
31 views
Skip to first unread message
Elizabeth England
Nov 14, 2017, 12:46:26 PM11/14/17
to BitCurator Users
Hi all,
ClamTk recently identified 12 possible threats (out of 62,459 files scanned) - each one reported PUA.Win.Exploit.CVE_2012_0110-1. The files are all .NEF (Nikon camera raw) and from googling PUA.Win.Exploit.CVE_2012_0110-1 it seems quite likely to be false positives, but, trying to do due diligence. Has anyone received similar false positives? I've quarantined the files and would like to run them through an alternative virus scanner, one that uses different signatures than Clam and can be run on demand, not running in the background all the time. Does anyone have a suggestion for another Linux virus scanner, maybe Sophos?
Also, since I know the files were generated in a Windows environment, I was thinking of virus scanning them on the Windows side of our FRED. Does anyone have experience with changing the default location for where quarantined files are stored?
Thanks,
Elizabeth
ClamTk recently identified 12 possible threats (out of 62,459 files scanned) - each one reported PUA.Win.Exploit.CVE_2012_0110-1. The files are all .NEF (Nikon camera raw) and from googling PUA.Win.Exploit.CVE_2012_0110-1 it seems quite likely to be false positives, but, trying to do due diligence. Has anyone received similar false positives? I've quarantined the files and would like to run them through an alternative virus scanner, one that uses different signatures than Clam and can be run on demand, not running in the background all the time. Does anyone have a suggestion for another Linux virus scanner, maybe Sophos?
Also, since I know the files were generated in a Windows environment, I was thinking of virus scanning them on the Windows side of our FRED. Does anyone have experience with changing the default location for where quarantined files are stored?
Thanks,
Elizabeth
Digital Processing Archivist
Special Collections
The Sheridan Libraries
Johns Hopkins University
3400 N Charles St
Baltimore, MD 21218
Reply all
Reply to author
Forward
0 new messages