Hello users, On my home network, all http traffic is transparently passed through DansGuardian, which uses clamd to scan any downloads for viruses. I am running ClamAv CVS on the home router, which is just a FreeBSD box giving "controlled" access to all the services my neighbours would ever want to use. Such controls involve virus scanning and content filtering.
Today, I received the following notification after clamd decided that a download was a Broken Executable. This download happens to be from Microshit servers, yes? I manually downloaded the file in question and as much as I can attest, it is not broken. It ran without any problem and it's a legit M$ file. So I am thinking here is a case of an FP from clamd. Ideas?? ----- Forwarded message from DansGuardian Anti-Virus <[EMAIL PROTECTED]> ----- From: DansGuardian Anti-Virus <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Date: Sun, 5 Jun 2005 15:19:54 +0300 Subject: Virus Found by DansGuardian Anti-Virus Virus : Broken.Executable User : - URL : http://download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/VBS56NEN_60DD81FED024143825A697259A3DFB0EB9F530F5.EXE User IP : 192.168.51.4 ----- End forwarded message ----- -Wash http://www.netmeister.org/news/learn2quote.html -- +======================================================================+ |\ _,,,---,,_ | Odhiambo Washington <[EMAIL PROTECTED]> Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +======================================================================+ The grand leap of the whale up the Fall of Niagara is esteemed, by all who have seen it, as one of the finest spectacles in nature. -- Benjamin Franklin. _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
