[Clamav-users] Trojan.Zonebac false positives?

Top Page
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Brandon Perry
To: clamav-users
Subject: [Clamav-users] Trojan.Zonebac false positives?
After updating today, I am getting many legit-looking executables
(Yahoo!, HP, SmartBridge, etc...) being marked as Trojan.Zonebac. Is
anyone else having a problem with this? I will submit it a sample, but I
wanted to know if anyone was having this same problem.

>From looking at the Symantec site...

"Trojan.Zonebac is a Trojan horse that lowers Microsoft Internet
Explorer security zone settings."

The executables being marked are all internet-browser related except
one, and that was from Adobe (Reader_sl.exe).

Any thoughts?
Thanks, Brandon

Home Page: http://www.volatileminds.net

Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net