On Fri, Feb 10, 2012 at 01:53:26PM +0200, Henri Salo wrote: > I just reported sample as false-positive, which is detected as > Exploit.MS04_028-4. This picture is generated by web-camera with SHA1 > d7ad16339fbf5d2b193bb4df7299c6f3da20c0b8 and I do have another file, which > were detected with same malware name at 2012-01-25 with SHA1 > cb446b3002f39b250abb5a3eaec8e59e46b4b9e2, but it is not detected anymore by > ClamAV. This web-camera is used in Tampere Finland to record city and our > shell-user is using crontab to create a videos like this: > http://vimeo.com/35187490
Just a follow-up that this has been changed in fingerprints to be false-positive detection. Please do contact me and send a submission if you see similar files as infected. - Henri Salo _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
