On Thu, 2004-05-13 at 20:53, Damian Menscher wrote: > You are obviously correct in the case of an intrusion. But I don't know > many 1337 h4x0rs that would mess with: > //usr/share/doc/libxml2-devel-2.5.4/example.html: Exploit.Junksurf.A FOUND > which is why i recommended updating clamav before reinstalling. > > Taking things in context helps.
Its also worth noting that where the type of infection doesn't match the type of file its likely to be a false positive. For example if you find linux binaries 'infected' with a word macro virus. In this particular case (from its name, and the description of a similarly named virus on Trend's site http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=HTML_JUNKSURF.A ) I would guess this is an HTML exploit, therefore finding it in all manner of files, both binary and text would seem to suggest an error on the part of the scanner. BMRB International http://www.bmrb.co.uk +44 (0)20 8566 5000 _________________________________________________________________ This message (and any attachment) is intended only for the recipient and may contain confidential and/or privileged material. If you have received this in error, please contact the sender and delete this message immediately. Disclosure, copying or other action taken in respect of this email or in reliance on it is prohibited. BMRB International Limited accepts no liability in relation to any personal emails, or content of any email which does not directly relate to our business. ------------------------------------------------------- This SF.Net email is sponsored by: SourceForge.net Broadband Sign-up now for SourceForge Broadband and get the fastest 6.0/768 connection for only $19.95/mo for the first 3 months! http://ads.osdn.com/?ad_id=2562&alloc_id=6184&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
