|Main Archive Page > Month Archives > clamav-users archives|
This might help shed some light:
If you can locate the safebrowsing.cvd on your computer, you can unpack it
with sigtool and view at the contents.
On Tue, Jan 21, 2014 at 1:40 PM, Alex <email@example.com> wrote:
> I received a number of messages on the 17th that were tagged incorrectly
> X-Amavis-Alert: INFECTED, message contains virus:
> I tried to figure out what the pattern was, but apparently it no longer
> # sigtool --find-sigs Heuristics.Safebrowsing | sigtool --decode-sigs
> I've tried variations of this, but was unable to locate any signs of it.
> What is the proper way to search for this particular pattern, and does
> anyone have any info on what it might have been on the 17th that would
> cause such a false-positive?
> Help us build a comprehensive ClamAV guide:
Help us build a comprehensive ClamAV guide: