It seems to me that a detection of Trojan.Fakesec-310 is too weak and all files compiled by
mingw32/3.2.0_gcc-4.3.0 are candidates for positive scanning. AVG does not see virus in these files.

I have uploaded several of these files, but you allow me a rate two files per day.

It would be better to improve detection rule.


Scan Started Tue Feb 15 13:26:14 2011
-------------------------------------------------------------------------------

D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\addr2line.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\ar.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\as.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\c++filt.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\dlltool.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\gprof.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\ld.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\nm.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\objcopy.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\objdump.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\ranlib.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\size.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\strings.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\strip.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\windmc.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\windres.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\ar.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\as.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\dlltool.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\ld.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\nm.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\objcopy.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\objdump.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\ranlib.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\strip.exe: Trojan.Fakesec-310 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 888304
Engine version: 0.96.1
Scanned directories: 322
Scanned files: 7173
Infected files: 25
Data scanned: 291.08 MB
Data read: 244.56 MB (ratio 1.19:1)
Time: 135.338 sec (2 m 15 s)

best regards
Jara

Please upgrade to 0.97, re-scan and post your results back

I did it, but the result is same.

When I download & install Clamwin 0.97 it uses engine 0.96.1.


Scan Started Sat Feb 19 18:38:05 2011
-------------------------------------------------------------------------------

D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\addr2line.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\ar.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\as.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\c++filt.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\dlltool.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\gprof.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\ld.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\nm.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\objcopy.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\objdump.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\ranlib.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\size.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\strings.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\strip.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\windmc.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\windres.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\ar.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\as.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\dlltool.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\ld.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\nm.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\objcopy.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\objdump.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\ranlib.exe: Trojan.Fakesec-310 FOUND
D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\mingw32\bin\strip.exe: Trojan.Fakesec-310 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 892792
Engine version: 0.96.1
Scanned directories: 322
Scanned files: 7173
Infected files: 25
Data scanned: 291.08 MB
Data read: 244.56 MB (ratio 1.19:1)
Time: 68.797 sec (1 m 8 s)

The detections are improved with each version. The scanning engine provided to ClamWin by Clam AV has some enhanced detection with each version. Sometimes the older engines are not able to process the enhanced detections, can only read part of an enhanced signature, and, therefore, may come up with some false positives on an incomplete signature. This false positive may be cleared up if you could update to ClamWin version .97, the latest version. I have seen several in this category lately.

If you were unable to update to the latest version, you might try completely uninstalling ClamWin and then see if you can install version .97. Be sure to save your ClamWin config file if you have a custom configuration that would take some time to re-do.. Mine is in C:\Users\Nan\AppData\Roaming\.clamwin\ClamWin.conf on my Vista machine. It should be similar on Windows 7, and I think it would be somewhere in Documents and Settings\yourusername on XP.

If all this fails, exclude D:\Program Files\Octave\3.2.0_gcc-4.3.0\mingw32\bin\ from ClamWin scans until you can figure out something.

Regards,

Then you point to 0.96.1 clamav binaries in clamwin config-files section. I suggest to uninstall clamwin and install 0.97 again - this should overwrite your config.

It seems OK now, thanks:

Scan Started Mon Feb 21 12:30:47 2011
-------------------------------------------------------------------------------


----------- SCAN SUMMARY -----------
Known viruses: 893165
Engine version: 0.97
Scanned directories: 5
Scanned files: 64
Infected files: 0

Data scanned: 31.54 MB
Data read: 24.72 MB (ratio 1.28:1)
Time: 8.938 sec (0 m 8 s)

--------------------------------------
Completed
--------------------------------------