ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
ClamWin Free Antivirus Forum Index » Virus Scanner
Reply to topic
Exploit.JS.CVE-2005-1790.A
fj1372D>


Joined: 18 Mar 2007
Posts: 0
Post Posted: Sun Mar 18, 2007 5:29 pm Reply with quote
ClamWin identified Exploit.JS.CVE-2005-1790.A in file C:\ProgramData\Symantec\LiveUpdate\Downloads\1171504390jtun_nisenidfull25.x86.full.zip. I submitted the file to VirusTotal and ClamAV 0.90.1 was the only scanner to identify the exploit. My question is this a real exploit or a false positive found in an update of the Norton virus database. Has anyone else had this result?

Thank you
View user's profileSend private message
alch
Site Admin

Joined: 27 Nov 2005
Posts: 0
Post Posted: Sun Mar 18, 2007 10:59 pm Reply with quote
most likely it is a false positive. Try to unpack the archive and identify an individual file that causes the detection. Then rescan it on virustotal
View user's profileSend private message
fj1372D>


Joined: 18 Mar 2007
Posts: 0
Post Posted: Tue Mar 20, 2007 4:18 pm Reply with quote
The file in the archive clamwin flagged was sigs.dat, which I am pretty sure is a Norton signatures database file. Again, clamwin was the only engine on VirusTotal that flagged the file as a threat.
View user's profileSend private message
Exploit.JS.CVE-2005-1790.A
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
 		All times are GMT  
Page 1 of 1  
  
  
ClamWin Free Antivirus Forum Index » Virus Scanner
 Reply to topic