@jimimaseye: Linux does get viruses (who says it doesn't). There are just a lot less then Windows. Even Mac has its infections. If you look through the ClamAV database, you will notice at times you will see unix/linux signatures being added. Also, ClamAV is actually cross-platform, but their primary focus is on Linux systems.

You can email Steve at sane and ask. The best thing to do is send an email with your description/concerns, the signature being idetified and with an attachment of some of the GENUINE workbooks (that you have written) to false_positive @t sanesecurity . me.uk More info: https://sanesecurity.co.uk/support/false-positives/

The Clam signatures were originally designed to detect rapidly-spreading email worms on infected attachments processed on Linux servers, which serve it up to users--who were/are primarily on Windows machines. This original design still stands--there is no consideration as to what effect a signature will have on a Windows system.

If you/I/anyone wants the situation to be better, then it is up to us to change it--somehow! It is/should be readily apparent to all by now. All my/your/our ranting is useless! The time taken could be better used!

Regards,

https://lists.clamav.net/pipermail/clamav-users/2016-February/002349.html

And dont forget to click NEXT MESSAGE (by thread) to continue reading through.

You will find someone not agreeing with your there Bob.

Since this topic was about the FPs of ClamAV, which have been resolved, I am going to go ahead and lock this thread.