LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Clamtk PUA Firefox (https://www.linuxquestions.org/questions/linux-newbie-8/clamtk-pua-firefox-4175563573/)

actinide 01-10-2016 02:43 PM
Clamtk PUA Firefox
 
Hi can anybody tell me why Clamtk is showing that adblock+ is infected with
PUA.Phishing.Bank.

Can anybody tell me if this is serious or it's Clamtks problem.

/mozilla/firefox/default/adblockplus/patterns.ini

unSpawn 01-10-2016 05:53 PM
ClamTK is just a frontend for ClamAV. The fact it marks Adblocks patterns.ini file as suspect makes me think it's a false positive (ini files aren't executed but read on application start) but to be sure you should search for and check the signature. Should look something like this (adjust dir name):

Code:
sigtool --datadir=/var/lib/clamav --find-sigs=PUA.Phishing.Bank | sigtool --decode-sig

Habitual 01-11-2016 06:24 AM
Why you ask? b/c you enabled PUA
 
Quote:
Originally Posted by actinide (Post 5476074)
Hi can anybody tell me why Clamtk is showing that adblock+ is infected with
PUA.Phishing.Bank.

Can anybody tell me if this is serious or it's Clamtks problem.

/mozilla/firefox/default/adblockplus/patterns.ini
PUA scanning has to be enabled, to find PUA "infections".
Either scan without PUA enabled, or don't use clamtk.

It's just a warm fuzzy on Linux anyway.


All times are GMT -5. The time now is 07:37 AM.