> Has this plugin caused any other false positives? Every check has a defined > match pattern to look for (vs a 200/404 check), so there may be a couple > whose match patterns are triggered by web server error responses containing > the name of the requested file.
I scanned a Win2k machine today with the Compaq agent on it and didn't get any positives from the Compromised plugin, not even the FireDemon.exe. Just my $.02 <g> It may be version related... -Sullo
