
Virus on Equibase??


Brian Flewwelling
11-06-2007, 10:09 AM
i don't know where to put this, but lots of folks will see it here!

my Avast virus software catches the CVE-2007-3896 [Expl] virus when I attempt to d/l the ZIA pdf-results chart for Nov 5.

i get the same result from Equibase emailed file.

any others??

brian

Bill Olmsted
11-06-2007, 11:37 AM
I get the same thing for Zia only.

Brian Flewwelling
11-06-2007, 11:53 AM
Also, it is for ZIA on Nov 5 only.

i contacted Equibase support and they did not 'have a problem'.

so they emailed me a copy of the file. it too was infected.

maybe they need more contact to indicate they have a problem, and it may be with their AntiVirus software.

scary that!!


brian

Brian Flewwelling
11-06-2007, 01:20 PM
Further:
Have scanned HD, not all, but all pdf-files.

found 49 infected files starting with GG on May 27/07

headhawg
11-06-2007, 02:29 PM
It's an IE vulnerability. Check out the links here:

CVE-2007-3896 Link (http://secunia.com/cve_reference/CVE-2007-3896/)

Brian Flewwelling
11-06-2007, 02:36 PM
But it is still a Virus is it not?

that link just tells (to some) how the virus takes advantage of Windows, eh?

njcurveball
11-06-2007, 02:40 PM
Unless my browser was playing tricks, the results for the 5th were gone and now they are back, maybe they fixed the problem?

I am using IE 6 and they are all passing virus checks.

Jim

Brian Flewwelling
11-06-2007, 02:51 PM
the problem with that file is gone for me too, must have fixed it! hopefully they got the root of the problem, and we will find no more until the next time.

GameTheory
11-06-2007, 05:11 PM
Very likely was not a problem with the files, just a false positive with the virus program. That isn't uncommon. The best thing to do if you get a flag that says virus and you got it from what should be a trusted source is to send it to the virus company for further evaluation. Avast must be getting very sensitive lately -- I've had a number of false positives on uninfected files of different types with some of their recent updates...

Brian Flewwelling
11-06-2007, 05:41 PM
you may be right about false positives, but i got them from two different machines running different operating systems (Win2k and xp). they occurred thrice last nite, again this am, and when the file was emailed to me.

what 'trusted site'?

GameTheory
11-06-2007, 06:22 PM
you may be right about false positives, but i got them from two different machines running different operating systems (Win2k and xp). they occurred thrice last nite, again this am, and when the file was emailed to me.

what 'trusted site'?

Why wouldn't you get them on different machines, etc? It is the virus program you use that counts -- if you are using Avast on all those machines you're going to get the same result.

Equibase in this case would be the "trusted" site -- meaning you don't think Equibase is actually putting viruses in their files on purpose, do you? While it is possible their files are infected for some reason, the most likely explanation is that there are no viruses in those files at all, the virus program is simply in error. ...

Brian Flewwelling
11-07-2007, 10:01 AM
Equibase in this case would be the "trusted" site -- meaning you don't think Equibase is actually putting viruses in their files on purpose, do you? While it is possible their files are infected for some reason, the most likely explanation is that there are no viruses in those files at all, the virus program is simply in error. ...

but the false positive disappeared after notifying Equibase that this problem was encountered. So you may be right about the false positive, but i suspect not.

and Equibase corrected the problem, so are not a part of the evil empire despite Mr. Bain's problems (described last spring)

thank you all for your assistance, but i think this issue is now morte!

Gibbon
11-07-2007, 07:44 PM
Have you considered a second opinion?

Most of the major anti virus, spyware providers have FREE online scans using activeX.

Norton (http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym)....TrendMicro (http://housecall.trendmicro.com/)....Kaspersky (http://www.kaspersky.com/virusscanner)....Panda (http://www.pandasecurity.com/homeusers/solutions/activescan/)....McAfee (http://us.mcafee.com/root/mfs/default.asp?cid=9914)....CA (http://ca.com/us/securityadvisor/virusinfo/scan.aspx)





____________________________________
“Two men were examining the output of the new computer in their department. After an hour or so of analyzing the data, one of them remarked: "Do you realize it would take 400 men at least 250 years to make a mistake this big ?”

Brian Flewwelling
11-08-2007, 12:52 AM
MED for Wed came up positive.

i can't test the file because my virus checker refuses to download it.

King Ritchie
11-08-2007, 07:56 AM
MED for Wed came up positive.

i can't test the file because my virus checker refuses to download it.

I downloaded this file (using Windows 2000 Pro and Norton) - NO problems here.

Brian Flewwelling
11-08-2007, 02:11 PM
Worked fine this morning (aft).

wonder if Eq is making the changes based on virus checking, or just 'natural' regeneration of the 'static' files by the pdf generator?

Red Knave
11-09-2007, 05:44 PM
More likely is that Avast fixed their pattern file so it no longer generates a false positive with the pdf file and then your system's automatic update got the new pattern file, ran it and found no problem.

You can test for yourself by doing a binary file compare on a good and 'bad' copy of the files and see if there is, in fact, anything changed.

Remember that anti-virus programs are just software, not intelligence.
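
The binary file compare suggested in the last post, as an added example that is not part of the original thread: it hashes a flagged copy and a later copy of the same chart and, if they differ, reports which byte ranges changed. The file names and the `SAMPLE` bytes are constructed for illustration; identical hashes mean the file never changed, so a changed verdict came from the scanner's pattern update.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed stand-in for a results chart; not a real Equibase file.
SAMPLE = b"%PDF-1.4\n1 0 obj\n<< /Title (ZIA chart) >>\nendobj\n%%EOF\n"

def sha256_of(path, chunk=65536):
    """Hash a file in chunks so large downloads need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def diff_ranges(a, b):
    """Half-open (start, end) byte ranges where a and b differ, over their common length."""
    ranges, start, n = [], None, min(len(a), len(b))
    for i in range(n):
        if a[i] != b[i]:
            if start is None:
                start = i
        elif start is not None:
            ranges.append((start, i))
            start = None
    if start is not None:
        ranges.append((start, n))
    return ranges

def compare_copies(flagged, later):
    """Identical hashes mean the file never changed, so a changed verdict came from the scanner."""
    ha, hb = sha256_of(flagged), sha256_of(later)
    if ha == hb:
        return {"identical": True, "ranges": [], "size_delta": 0}
    a, b = Path(flagged).read_bytes(), Path(later).read_bytes()
    return {"identical": False, "ranges": diff_ranges(a, b), "size_delta": len(b) - len(a)}

def demo():
    """Compare the flagged copy with an untouched re-download and with a regenerated file."""
    with tempfile.TemporaryDirectory() as d:
        f1, f2, f3 = (Path(d) / n for n in ("flagged.pdf", "recopy.pdf", "regen.pdf"))
        f1.write_bytes(SAMPLE)
        f2.write_bytes(SAMPLE)
        f3.write_bytes(SAMPLE.replace(b"ZIA", b"MED") + b"\n")
        return compare_copies(f1, f2), compare_copies(f1, f3)

if __name__ == "__main__":
    for result in demo():
        print(result)
```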