[clamav-users] False positive - CRDF.Malware-Generic.3661413036.UNOFFICIAL

Hello, I found a problem with false positive malware CRDF.Malware-Generic.3661413036.UNOFFICIAL. I wanted to decode and bypass this signature but it looks like this can be an image signature or another type of signature /usr/local/sbin/clamav-unofficial-sigs.sh -d Input a third-party

Re: [clamav-users] False positive - CRDF.Malware-Generic.3661413036.UNOFFICIAL

Hello Steve, Thank you for your explanation. I found that last occurrence was about 11:22 CET so I'm not affected now. When I get information about this problem this was on my whitelist as you wrote. Anyway I know what was happen. Once again - thank you! Cheers, Pawel -Original

Re: [clamav-users] false positives

Hello Steve, Thank you for your answer. Cheers, Pawel -Original Message- From: clamav-users-boun...@lists.clamav.net [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Steve Basford Sent: Wednesday, August 21, 2013 7:25 PM To: ClamAV users ML Subject: Re: [clamav-users] false

Re: [clamav-users] false positives

Hi, I had exactly the same problem with emails on my servers. I found two subscriptions those has been blocking emails from major ISPs in my country. Finally I decided to bypass these subscriptions Example1 fgrep -h Sanesecurity.Jurlbl.2650 *.ndb | sigtool --decode-sigs VIRUS NAME: