> > I run clamav on linux, but I also have windows 7 installed. > I mounted the windows partition and ran a clamav scan, > which found the following viruses: > > /mnt/windows/Windows/System32/cliconfg.exe: Win.Virus.Expiro-9965977-0 > /mnt/windows/Windows/System32/spool/tools/PrintBrmEngine.exe: > Win.Virus.Expiro-9958014-0 > > I submitted both these files at virustotal.com. PrintBrmEngine.exe > was not detected by anything besides clamav, and cliconfg.exe > was only detected by clamav and google. So I am assuming these are > probably > fasle positives. Just wondering if anyone has an opinion about these. >
I think the db maintainers would be very pleased with your help fixing false positives. OT I think you need to airgap Windows7. If I remember correctly Microsoft distributed remote exploits just after it's EOL. _______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
