
Mailing List Archive: ClamAV: users

false positives for

 

 



george_geller at speakeasy

Jun 16, 2009, 1:12 PM

Post #1 of 2
false positives for

Recently, the scan has been giving me:

sda1/Program Files/Microsoft Office/Office12/EXCEL.EXE:
W32.Virut.Gen.D-163 FOUND
sda1/Program Files/Microsoft Office/Office12/excelcnv.exe:
W32.Virut.Gen.D-163 FOUND
sda1/WINDOWS/SoftwareDistribution/Download/754e3b95d1b56e045c85bd49529d92b4/xlconv.cab:
W32.Virut.Gen.D-163 FOUND
sda1/WINDOWS/SoftwareDistribution/Download/488b87313a382b81238c79301c751bbd/excel.cab:
W32.Virut.Gen.D-163 FOUND
sda1/WINDOWS/Installer/789ce7.msp: W32.Virut.Gen.D-163 FOUND
sda1/WINDOWS/Installer/789cfb.msp: W32.Virut.Gen.D-163 FOUND

Since a full scan with Windows defender doesn't detect this issue and
http://virusscan.jotti.org/ shows that 789cfb.msp is virus free with all
programs except clam, I think this is a false positive.

see http://wsms.wikiplanet.com/mediawiki/index.php/Clamscan for
additional details.

Please advise.

Thanks, George

_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


sarocet at gmail

Jun 17, 2009, 1:30 PM

Post #2 of 2
Re: false positives for

George Geller wrote:
> Recently, the scan has been giving me:
>
> sda1/Program Files/Microsoft Office/Office12/EXCEL.EXE:
> W32.Virut.Gen.D-163 FOUND
> sda1/Program Files/Microsoft Office/Office12/excelcnv.exe:
> W32.Virut.Gen.D-163 FOUND
> sda1/WINDOWS/SoftwareDistribution/Download/754e3b95d1b56e045c85bd49529d92b4/xlconv.cab:
> W32.Virut.Gen.D-163 FOUND
> sda1/WINDOWS/SoftwareDistribution/Download/488b87313a382b81238c79301c751bbd/excel.cab:
> W32.Virut.Gen.D-163 FOUND
> sda1/WINDOWS/Installer/789ce7.msp: W32.Virut.Gen.D-163 FOUND
> sda1/WINDOWS/Installer/789cfb.msp: W32.Virut.Gen.D-163 FOUND
>
> Since a full scan with Windows defender doesn't detect this issue and
> http://virusscan.jotti.org/ shows that 789cfb.msp is virus free with all
> programs except clam, I think this is a false positive.
>
> see http://wsms.wikiplanet.com/mediawiki/index.php/Clamscan for
> additional details.
>
> Please advise.
>
> Thanks, George
>
The third and fourth files contain the first and second, so it's the same.
Are they from reputable sources? E.g. are they digitally signed by Microsoft?

Just follow the usual procedure to report a false positive:
http://cgi.clamav.net/sendvirus.cgi

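An added example, not part of either post or of ClamAV itself: a small Python triage of the report quoted in this thread, which rejoins the mail-wrapped lines and groups hits by signature so that container files can be told apart from the files flagged directly. The function names and the `CONTAINER_EXT` list are assumptions made for this sketch, and classifying by file extension is a heuristic, not a check of what each archive actually holds.

```python
import re
from collections import defaultdict

# Report lines copied from the first post, wrapped the way the mail was wrapped.
REPORT = """\
sda1/Program Files/Microsoft Office/Office12/EXCEL.EXE:
W32.Virut.Gen.D-163 FOUND
sda1/Program Files/Microsoft Office/Office12/excelcnv.exe:
W32.Virut.Gen.D-163 FOUND
sda1/WINDOWS/SoftwareDistribution/Download/754e3b95d1b56e045c85bd49529d92b4/xlconv.cab:
W32.Virut.Gen.D-163 FOUND
sda1/WINDOWS/SoftwareDistribution/Download/488b87313a382b81238c79301c751bbd/excel.cab:
W32.Virut.Gen.D-163 FOUND
sda1/WINDOWS/Installer/789ce7.msp: W32.Virut.Gen.D-163 FOUND
sda1/WINDOWS/Installer/789cfb.msp: W32.Virut.Gen.D-163 FOUND
"""

# Greedy path match: paths may contain spaces and colons; the signature may not.
HIT = re.compile(r"^(?P<path>.+): (?P<sig>\S+) FOUND$")
# Assumption: these extensions mark archives/installers that can embed other files.
CONTAINER_EXT = {"cab", "msp", "msi", "zip"}

def unwrap(text):
    """Yield one record per detection, rejoining a path line with its wrapped tail."""
    pending = ""
    for raw in text.splitlines():
        line = raw.lstrip("> ").rstrip()      # also accept '>'-quoted copies
        if line.endswith(" FOUND"):
            yield (pending + " " + line).strip()
            pending = ""
        else:
            # Only a line ending in ':' can be the first half of a wrapped record.
            pending = line if line.endswith(":") else ""

def triage(text):
    """Group hits by signature, separating container files from direct hits."""
    groups = defaultdict(lambda: {"direct": [], "container": []})
    for record in unwrap(text):
        m = HIT.match(record)
        if not m:
            continue                          # not a detection line
        ext = m["path"].rsplit(".", 1)[-1].lower()
        kind = "container" if ext in CONTAINER_EXT else "direct"
        groups[m["sig"]][kind].append(m["path"])
    return dict(groups)

if __name__ == "__main__":
    for sig, hits in triage(REPORT).items():
        print(f"{sig}: {len(hits['direct'])} direct, {len(hits['container'])} container")
```
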
