--On Wednesday, October 17, 2007 23:51:39 +0200 Peo Nilsson <[EMAIL PROTECTED]> wrote:

I scanned my FreeBSD 6.2-Release (ports up to date) with
Avira Antivir personal ed, some days ago. The scanner returned

checking drive/path (cwd): /
 Date: 11.10.2007  Time: 16:04:06  Size: 9975
/usr/ports/security/p5-openxpki-client-html-mason/pkg-plist <<< Contains
detection pattern of the HTML script virus HTML/MHT.Gen <snap>...

The information Avira has one can read here:

I posted a question to [EMAIL PROTECTED]
They proposed that the scanner probably was "to nervous" for using with
Unix. (I can't tell myself)

Don't know if this says anything, but I though I would mention it
when I saw your posts.

I've never heard of a "nervous" anti-virus scanner, but that "detection" is clearly a false positive. The pkg-plist file is a list of the files and directories installed by the port, so that they can be removed when you run "make deinstall". Avira probably saw one of the strings in the file as a possible match to a known malicious script.

In fact, their description says it's "a generic detection routine designed to detect common family characteristics shared in several variants"

If you're so inclined, you could report it to Avira so they can tweak their detection accordingly.

Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas

freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to