search

Cisco-Talos / clamav

ClamAV - Documentation is here: https://docs.clamav.net
https://www.clamav.net/
GNU General Public License v2.0
4.43k stars 706 forks source link

Windows Defender killed clamscan process and quarantined file (Behavior:Win32/Meterpreter.A!sms) #1368

Open boydfields opened 2 months ago

boydfields commented 2 months ago

Whilst running clamscan.exe, mid-way through Windows Defender killed the process and quarantined it.

It was detected as "Behavior:Win32/Meterpreter.A!sms"

Version 1.4.1.0.

Please advise? Thank you Boyd

rsundriyal commented 1 month ago

@boydfields

Can you share more details about how and what is scanned? And also about the signatures database used(version)?

If the issue is reproducible only when scanning a specific file, please attach it or its hash (if available).

For details - https://docs.clamav.net/manual/Usage/ReportABug.html