The recent addition of Zip.Suspect.MiscDoubleExtension signatures has been causing a lot of trouble for us, as it keeps getting flagged for completely innocuous files such as foo_handle_pdf.js.
I've been adding each signature to our whitelist, such as Zip.Suspect.MiscDoubleExtension-1, Zip.Suspect.MiscDoubleExtension-2, etc. Is there a simple way to whitelist Zip.Suspect.MiscDoubleExtension-* ? I tried using a regex in the whitelist file to no avail. Thanks, Tim -- Tim _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
