Tim Clarke wrote:
Suddenly had four false positives from clamav last night.
...
...\Common Files\GTK\2.0\uninst.exe: Trojan.Clicker.Small-100 FOUND
...\Gaim\gaim-uninst.exe: Trojan.Clicker.Small-100 FOUND
...\ethereal-setup-0.10.12.exe: Trojan.Clicker.Small-100 FOUND
...\gaim-1.5.0.exe: Trojan.Clicker.Small-100 FOUND
Any ideas anyone?
This may not shed much light on the situation, but given that those are
all installers for open source apps., they're probably all instances of
the nullsoft installer (http://nsis.sourceforge.net/), and thus you're
probably seeing one false positive. You could confirm this by running
ClamAV on another machine, first proving that it's clean, then
installing one of these apps. from a fresh downloaded from a trusted source.
No mention on the nullsoft site of a known false positive against their
installer, but if that was a newly added signature, it may be too soon.
Might be worth doing a Google Groups search.
-Tom
--
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32
