* Securiteinfo.com <[EMAIL PROTECTED]> [20050605 15:53]: wrote: > Hello, > > Le dimanche 5 Juin 2005 14:33, Odhiambo Washington a écrit : > > Hello users, > > > > On my home network, all http traffic is transparently passed through > > DansGuardian, which uses clamd to scan any downloads for viruses. > > I am running ClamAv CVS on the home router, which is just a FreeBSD > > box giving "controlled" access to all the services my neighbours would > > ever want to use. Such controls involve virus scanning and content > > filtering. > > > > Today, I received the following notification after clamd decided that > > a download was a Broken Executable. This download happens to be from > > Microshit servers, yes? > > > > I manually downloaded the file in question and as much as I can attest, > > it is not broken. It ran without any problem and it's a legit M$ file. > > > > So I am thinking here is a case of an FP from clamd. Ideas?? > > As far as I know, it's not a FP. Some setup.exe or install.exe are detected > as > "Broken PE" by Clamav. These install programs are not using standard exe > format. That's not mean they are malwares.
I trust the guys at Redmond are capable of creating non-standard exe. It will not be the first time they have broken a standard! I'll let the matter to rest there. -Wash http://www.netmeister.org/news/learn2quote.html -- +======================================================================+ |\ _,,,---,,_ | Odhiambo Washington <[EMAIL PROTECTED]> Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +======================================================================+ Who messed with my anti-paranoia shot? _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
