On 01/22/2010 05:42 PM, Jon Bendtsen wrote: > I do need to worry about your and any other ClamAV installation. The software > in question is something we programmed and released ourselves. We can not > have a situation where our customers think our software contains a > virus/Trojan. >
The signature is a PE section MD5 hash: 25600:bedd56a8c32b0eebc11178708aa6d056:Trojan.Agent-136369 So that signature specifically matches one of the sections in your executable file. Does your file use some packer/obfuscator/installer? Malware authors use it often also, so this signature might actually be the unpacker/installer stub, and not the malware itself. But if this is a software your program and release yourself the answer is simple: rebuild the software from its sources, and run clamscan on the new file. If it is still reporting the same malware, and you are sure you've done the build in a clean environment, then submit it as false positive here: http://clamav.net/sendvirus Best regards, --Edwin _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
