Alain Zidouemba wrote: > Massimo, > > Actually, I'd recommend you send it in here: > http://www.clamav.net/lang/en/sendvirus/ > > That way we can review your file that was detected > as BC.Exploit.CVE_2012_0165 and tell you if you are dealing with a true > positive of a false positive. In the case of a false positive, your sample > will help us improve our signature.
I've had a report here as well that any .docx file was triggering this signature; the customer reported they checked the files with several other scanners and all reported the files as clean. I've asked if they can send an affected file, or create a test file; if I can get a sample I'll report it as a FP. -kgd _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
