From time to time I am checking my Windows partitions when using Linux on the
same machine.
Yesterday I got:
/windows/C/Windows/SysWOW64/explorer.exe: Win.Trojan.Bamital-1158 FOUND
/windows/C/Windows/winsxs/wow64_microsoft-windows-explorer_[...]_6.1.7601.17567_none_[...]/explorer.exe: Win.Trojan.Bamital-1158 FOUND


The clamscan call:
clamscan --max-recursion=300 --max-dir-recursion=300 --max-files=1000000 --max-filesize=4095M --max-scansize=4095M -r --detect-pua=yes --log=reportclam


Both files are the same according to Linux diff.
clamscan is the only AV that finds these Trojans; I also tried VirusTotal and
Metascan on the Web.
The other AVs that I use for Linux also do not find these 2.


This explorer.exe has an MD5:
md5sum explorer.exe
8b88ebbb05a0e56b7dcc708498c02b3e  explorer.exe


Is this a known false positive for clamscan?

Best regards
Pete
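
An added triage example, not part of the original post: it parses the `path: signature FOUND` lines of a clamscan report and groups the flagged files by SHA-256, so identical copies such as the two explorer.exe hits above collapse into one sample to check. The function names and the sample files are constructed for illustration.

```python
import hashlib
import re
import tempfile
from collections import defaultdict
from pathlib import Path

HIT_RE = re.compile(r"^(?P<path>.+): (?P<sig>\S+) FOUND$")


def parse_hits(report_text):
    """Return (path, signature) pairs from '<path>: <signature> FOUND' lines."""
    matches = (HIT_RE.match(line.rstrip()) for line in report_text.splitlines())
    return [(m.group("path"), m.group("sig")) for m in matches if m]


def sha256_file(path, chunk=1 << 20):
    """Hash in chunks so large files do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def group_by_content(hits):
    """Map (signature, sha256) -> paths, so identical copies form one group."""
    groups = defaultdict(list)
    for path, sig in hits:
        try:
            digest = sha256_file(path)
        except OSError:  # file moved, deleted, or not readable
            digest = "unreadable"
        groups[(sig, digest)].append(path)
    return dict(groups)


def demo():
    """Constructed sample: two identical files, one missing file, one summary."""
    with tempfile.TemporaryDirectory() as tmp:
        paths = [Path(tmp, d, "explorer.exe") for d in ("SysWOW64", "winsxs")]
        for p in paths:
            p.parent.mkdir()
            p.write_bytes(b"constructed placeholder bytes, not a real binary")
        lines = [f"{p}: Win.Trojan.Bamital-1158 FOUND" for p in paths]
        lines += [f"{tmp}/gone.exe: Win.Trojan.Bamital-1158 FOUND", "Infected files: 3"]
        return group_by_content(parse_hits("\n".join(lines)))


if __name__ == "__main__":
    print(demo())
```

On a real scan, pass the contents of the file given to `--log` to `parse_hits` while the scanned partition is still mounted at the same path.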