Am 15.04.2017 um 16:51 schrieb Dino Edwards:
We seem to be getting a lot of false positives with the following message:
INFECTED, message contains virus: Heuristics.Encrypted.PDF
The reason I know they are false positives is because when looking at the
attached PDFs, there is no passwords set on them. The simple answer would be to
simply set ArchiveBlockEncrypted to false, however that's not a good solution.
We need ArchiveBlockEncrypted enabled to block potential malware but we need to
somehow stop these false positives.
Our clamav version is ClamAV 0.99.2
what do you expect from the list without a sample?
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
