Re: [clamav-users] Sporadic signature frequency

2017-04-15 Thread Rafael Ferreira 
That’s what I noticed as well, anyone know why? 

> On Apr 13, 2017, at 9:39 PM, Al Varnell  wrote:
> 
> Actually, they have been coming every 8 hours since 8 March. It was 6 hours 
> on 7 March and 4 hours before that.
> 
> -Al-
> 
> On Thu, Apr 13, 2017 at 07:09 PM, Alain Zidouemba wrote:
>> 
>> They come out every 6h.
>> 
>> -Alain
>> 
>>> On Apr 13, 2017, at 9:57 PM, Rafael Ferreira  wrote:
>>> 
>>> Hey folks, I've noticed that new sig databases are coming out at a fairly 
>>> inconsistent frequency lately,  is this accidental or for a particular 
>>> reason?
>>> 
>>> Rafael
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Heuristics.Encrypted.PDF

2017-04-15 Thread Reindl Harald 


Am 15.04.2017 um 16:51 schrieb Dino Edwards:

We seem to be getting a lot of false positives with the following message:

INFECTED, message contains virus: Heuristics.Encrypted.PDF

The reason I know they are false positives is because when looking at the 
attached PDFs, there is no passwords set on them. The simple answer would be to 
simply set ArchiveBlockEncrypted to false, however that's not a good solution. 
We need ArchiveBlockEncrypted enabled to block potential malware but we need to 
somehow stop these false positives.

Our clamav version is ClamAV 0.99.2


what do you expect from the list without a sample?
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Heuristics.Encrypted.PDF

2017-04-15 Thread Dino Edwards 
We seem to be getting a lot of false positives with the following message:

INFECTED, message contains virus: Heuristics.Encrypted.PDF

The reason I know they are false positives is because when looking at the 
attached PDFs, there is no passwords set on them. The simple answer would be to 
simply set ArchiveBlockEncrypted to false, however that's not a good solution. 
We need ArchiveBlockEncrypted enabled to block potential malware but we need to 
somehow stop these false positives.

Our clamav version is ClamAV 0.99.2


Thanks


Dino Edwards
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml