|
dos5
| Joined: 09 Jun 2011 |
| Posts: 0 |
|
|
|
 Posted: Thu Jun 09, 2011 2:08 am |
|
 |
 |
|
|
just so you know...........
I have two identical operating systems, servicepacks, etc, It is xp pro sp3......... very fast and secure.... mine anyway..
the other has these trojans while mine does not, both are using clamwin. so are we sure that the false positive is real???
just thought I should mention this.
|
|
|
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
| Posted: Thu Jun 09, 2011 2:24 am |
|
|
|
|
|
Are both computers using the same version of ClamWin? That particular signature has been known to trigger a false positive--especially on computers that are using a version of ClamWin prior to the latest version-.97. If the detection is on an older version, it is likely a false positive. If it is on version .97, it is probably a real detection, but I would upload one of the detected files to Jotti or Virus Total on the web to see what they say.
With each new version of Clam AV, from which ClamWin is ported over to Windows, Clam has some enhanced signatures. Older versions can't completely read the enhanced signatures and may only process them partially--thus triggering false positives when they see the signature without being able to interpret when the signature is to be applied.
This is not a surefire method to tell a false positive, but I usually like to see at least 2 of these AVs on Jotti/Virus Total detect a virus before I believe it: AntiVir, Bitdefender, Kaspersky, NOD32, and Sophos.
Regards,
|
|
|
