I am using ClamWin 0.95.2 and
main.cvd is up to date (version: 51, sigs: 545035, f-level: 42, builder: sven)

CalmWin finds the following:
C:\WINDOWS\system32\dllcache\wextract.exe: Trojan.Vundo-28327 FOUND

Other websites has reported this as a FP.
Can someone confirm?

If you have used the file for some time without any problems and if it has not changed (look at the file date), it is probably a false positive detection. You can upload it to Jotti or Virus Total to confirm that. If it is a FP, please upload it to Clam and tell them it is a FP.

Regards,

The virus total results indicates a FP.
How do I upload this information to ClamWin?


File has already been analysed:
MD5: ae33b913a67434d2ab21a3a1633490c4
First received: 2009.02.21 22:19:34 UTC
Date: 2009.09.02 10:49:56 UTC [<1D]
Results: 0/41
Permalink: analisis/73955b36963128598e46e9ce468540e9261db3b7d0f98a172f4cfb0fe83ceff1-1251888596

I have the same issue and the file has a date stamp of 2005. I uploaded to both virus sites mentioned above and only clamwin has it as a virus. I am running win2003 server.

You should upload both false positive files and infected files that ClamWin doesn't detect to Clam AV (which furnishes the scanning engine and signature files for ClamWin) at https://www.clamav.net/sendvirus/ on the web. When you get to the upload page, be sure to check the false positive block, and tell in the comments section why you think it is a false positive detection and the exact name of the false virus detection. You will be helping to make ClamWin better!

Regards,