KB Issue
When ClamWin scans zip archives that have Facebook-type names, the scanner may give a false positive alert on the file(s). Renaming the files, can sometimes fix this issue.
Issue Details
When ClamWin scans certain zip files that contain Facebook name files within the zip file, a False Positive alarm is created, thinking that the zip file has an enclosed virus named: Suspect.Bredozip-zippwd-3
Copy
Search Site
Search Google
This action is tested with files that are included in the Facebook Wallscript
facebook wall script.php
Copy
Search Site
Search Google
Scan Started Fri Jan 27 08:03:22 2012
---------------------------------------------------------------------------

D:\Tutorials\FB Comments\3\php\facebook WallScript 2.zip: Suspect.Bredozip-zippwd-3 FOUND
--------- SCAN SUMMARY ---------

Known viruses: 1121810
Engine version: 0.97.3
Scanned directories: 0
Scanned files: 1
Infected files: 1

Data scanned: 0.01 MB
Data read: 0.01 MB (ratio 1.00:1)
Time: 19.879 sec (0 m 19 s)
----------------------------------

Completed
--------------------------------------
Recreate Issue
ClamWin assumes that the file located within the facebook WallScript 2.zip
Copy
Search Site
Search Google

Is a virus when it is not.
The file is: facebook wall script.php
Copy
Search Site
Search Google

Because this file is inside the zip archive, ClamWin will continue to assume it is an affected file.
Resolve Issue