Subject: | |
From: | |
Reply To: | |
Date: | Thu, 26 Apr 2007 15:09:14 -0700 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Folks,
We are looking into this. It appears to be an issue with Sophos
recognizing the .DLL wrongly.
It's a false positive. Will keep you guys posted
We have made Sophos aware from our side as well
Regards
Prem
-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Mike Diggins
Sent: Thursday, April 26, 2007 1:02 PM
To: [log in to unmask]
Subject: Re: What do these Clean Access agent files do?
Just checked and we're seeing the same thing with Agent 4.0.4! Sophos
6.5.5 is claiming C:\Program Files\Cisco Systems\Clean Access
Agent\AV41\AV\SpyBot.dll is infected with Mal/Behav-102. Virustotal
reports no infection so I assume it's a false positive too. I'll submit
a report to Sophos as well.
-Mike
On Thu, 26 Apr 2007, Josh Heller wrote:
> You can get a thorough and practically real-time analysis at
> virustotal.com
>
> Probably a good idea to check it out there as well.
>
> Best,
>
> Josh
>
> -----Original Message-----
> From: Cisco Clean Access Users and Administrators
> [mailto:[log in to unmask]] On Behalf Of David Stempien
> Sent: Thursday, April 26, 2007 3:18 PM
> To: [log in to unmask]
> Subject: What do these Clean Access agent files do?
>
> We are getting reports from our users that the file C:\Program
> Files\Cisco Systems\Clean Access Agent\AV41\AV\SpyBot.dll is infected
with a virus.
> We're using Sophos Anti-Virus with a definition file dated today, so a
> change in the new definition file thinks the SpyBot.dll file is
infected.
> Obviously, this is a false positive (I hope). I submitted the file to
> Sophos for research.
>
> My question is: does anyone know what all of the .dll files in the
> path above actually contain/do in regards to Clean Access agent
> operation? I assume something to identify installation of AV
software...
>
> Thanks,
>
> --
> Dave Stempien, Network Security Engineer University of Rochester
> Medical Center Information Systems Division
> 585-784-2427
>
_________________________________________
Mike Diggins Voice: 905.525.9140 Ext. 27471
Network Analyst, Enterprise Networks FAX: 905.528.3773
University Technology Services E-Mail: [log in to unmask]
McMaster University, Hamilton, Ontario
|
|
|