We're getting frequent false positives from ClamAV for Win.Exploit.Unicode_Mixed-1 in tcpdump files from our IDS. Googling that virus name only turns up a few hits on virscan.org which seem to be indicating a tendency of that signature to trigger on logfiles and the like, but no actual information about the threat.
What is that signature trying to detect? Is this a Known Problem? What's the best way handle it? -- Tilman Schmidt Head of System and Network Engineering Tel. 0221 / 95 64 95 .417 Fax 0221 / 95 64 95 .999 e-Mail tschm...@cardtech.de cardtech Card & POS Service GmbH Richard-Byrd-Straße 37 50829 Köln www.cardtech.de AG Köln, HRB 20164 Geschäftsführer: Dr. Dietrich Gottwald, Christof Kohns, Jens Mahlke, Marcus W. Mosen _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
