I have a laptop that duel boots with windows vista and linux. Needed to check a website build today with IE. I rarely boot up windows so had a number of updates to do.
The virus blocker blocked a virus W32.Virut.Gen.D-163 while doing the updates. The url appears to be the legit update download site.
I have searched here, nothing came up. One email in the clamav linux mailing list. Google search provides numerous links to threads.
It appears to be a false positive. With a lot of people submitting it as a false positive to Clamav over the years.
I was wondering if anyone else has encountered this while doing a windows update. I do not have any other windows machines. I stay as far away from windblows as possible. So I have no idea if this is an isolated event, or a common event.
Which would be the best way to exclude it. Through the clamav config file or through untangle virus blocker.
Would adding D-163 as a file extension and leaving the scan box uncheck
exclude this file from being scanned by virus blocker.
It appears this file may have something to do with m$ office. I re-checked for updates, update system seems to think all is well. I have not tried office yet. Thought I would attempt to get some more info before possibly trashing the OS. Being that windows is so fragile.
Any input from you guys would be appreciated.
- Untangle NG Firewall
- Untangle IC Control
- Help Me Decide