[Clamav-users] Trojan.Zonebac false positives?

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Brandon Perry
Date:  
To: clamav-users
Subject: [Clamav-users] Trojan.Zonebac false positives?
After updating today, I am getting many legit-looking executables
(Yahoo!, HP, SmartBridge, etc...) being marked as Trojan.Zonebac. Is
anyone else having a problem with this? I will submit it a sample, but I
wanted to know if anyone was having this same problem.

>From looking at the Symantec site...


"Trojan.Zonebac is a Trojan horse that lowers Microsoft Internet
Explorer security zone settings."

The executables being marked are all internet-browser related except
one, and that was from Adobe (Reader_sl.exe).

Any thoughts?
-- 
Thanks, Brandon


Home Page: http://www.volatileminds.net

_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html