ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
Reply to topic
Exploit.Linux.Gv found
kinetix


Joined: 14 Nov 2006
Posts: 1
Reply with quote
I am using clamwin 0.88.5 to scan my old WIN98 PC and it comes up with:

C:\WIN98\DRIVER16.CAB Exploit.Linux.Gv FOUND
C:\WINDOWS\SYSTEM\PSCRIPT.DRV Exploit.Linux.Gv FOUND

I couldn't find anything on Google, so I assume its a false scan. Can anyone confirm this?

Thanks Smile
View user's profileSend private message
Matthew


Joined: 14 Nov 2006
Posts: 7
Location: Germany
Reply with quote
Hallo!

My Clamwin 0.88.5 also found this malware tonight:

D:\BROWSER\Flock\flock\gm.exe: Exploit.Linux.Gv FOUND

In Online-Scan on http://www.virustotal.com/en/indexf.html http://www.virustotal.com/en/indexf.html the Virus-Scanners didn`t find anything, only the ClamWin-scanner did.

Greetings from
Matthew
View user's profileSend private message
sherpya


Joined: 22 Mar 2006
Posts: 898
Location: Italy
Reply with quote
it seams to be a false positive, report it directly to clamav team http://www.clamav.net/sendvirus.html http://www.clamav.net/sendvirus.html
View user's profileSend private message
RE: Exploit.Linux.Gv
wvpv


Joined: 14 Nov 2006
Posts: 1
Reply with quote
Got the same thing. I think it's a false positive.

c:\Program Files\Macromedia\Flash 8\GhostScript.dll: Exploit.Linux.Gv FOUND
c:\WINDOWS\Downloaded Installations\Macromedia Flash 8\Data1.cab: Exploit.Linux.Gv FOUND

I'm runing 0.88.5 with with the latest defs.
View user's profileSend private message
gkb


Joined: 01 Jun 2006
Posts: 4
Reply with quote
Same problem with 0.88.5 this morning :

C:\CutePrinter\Ghostscript\gsdll32.dll: Exploit.Linux.Gv FOUND

-----------------

NOTE: I also have 2 other computer with ClamWin, but version 0.88.4 or older, and with the same CutePrinter program installed. On these computer, ClamWin doesn't detect a falsfe viruse there ??? Very strange ! ClamWin use the same Virus Database for any version...
View user's profileSend private message
srosa


Joined: 29 Aug 2006
Posts: 1
Location: Dallas, TX
Reply with quote
We are using clamwin 0.88.5 and we are receiving reports of this same exploit:

C:\Program Files\Ghostgum\gsview\gsview32.exe: Exploit.Linux.Gv FOUND
C:\Program Files\Ghostgum\gsview\epstool.exe: Exploit.Linux.Gv FOUND

We have scans and virus definition updates scheduled to run daily early in the morning (1 am EST). After trying to uninstall and re-install the application to no avail, I updated our virus definitions and tried the scan again. Voila! The original virus reported was gone.
View user's profileSend private message
sherpya


Joined: 22 Mar 2006
Posts: 898
Location: Italy
Reply with quote
I'm just thinking that Exploit.Linux.Gv signature in clamav db needs really to be revised and/or removed Smile
View user's profileSend private message
And another one...
Gremnebulin


Joined: 16 Nov 2006
Posts: 1
Location: Sussex,UK
Reply with quote
I:\installers\lnx_pkges\common_src\ghostscript-8.54\src\dscparse.c: Exploit.Linux.Gv FOUND
I:\installers\lnx_pkges\common_src\ghostscript-8.54\src\dscparse.h: Exploit.Linux.Gv FOUND
View user's profileSend private message
Matthew


Joined: 14 Nov 2006
Posts: 7
Location: Germany
Reply with quote
Some minutes ago I did a new scan with my own updated ClamWin 0.88.5 and it didn`t find anything. I did a new scan at virustotal and this time only the Ikarus-Scanner did find the "Exploit.Linux.Gv", ClamWin says ok.

Matthew
View user's profileSend private message
sherpya


Joined: 22 Mar 2006
Posts: 898
Location: Italy
Reply with quote
clamav team removed the signature probably it was wrong made
View user's profileSend private message
Exploit.Linux.Gv found
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Reply to topic