On 01/16/2012 03:53 PM, Anne Wilson wrote:
I run clamav on my mail server, and my daughter runs clamwin on Windows
7, on my recommendation. This morning's scan showed midi files that
have been on my server for 2 years or more as being infected, e.g.:
/Data1/Midi/AudigyCD/SYMPHONY.MID: BC.Exploit.CVE_2012_0003 FOUND
Soon after reading this, I got a phone call from my daughter saying that
clamwin had quarantined all midi files supplied in the Creative
Soundblaster X-Fi installation. The screenshot she sent me shows
nothing but the midi files.
Please submit some of those false positives here (make sure you choose the 'A
false positive' radiobox):
http://cgi.clamav.net/sendvirus.cgi
I have told her not to worry for now, but is there a way to mark these
as not infected and remove them from quarantine?
Create a file called local.ign2 in your database directory and add this line to
it:
BC.Exploit.CVE_2012_0003
Best regards,
--Edwin
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
