ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
Reply to topic
definitions problem or real threat?
Steffen


Joined: 12 Jul 2011
Posts: 2
Location: Germany
Reply with quote
Dear Support Team,

i'm using your software to do a antivirustest on computers. Yesterday i scaned a pc with the newest virus definitions. 5 "viruses" appeared (LOGFILE). When i did the scan today with some new definitions only 3 viruses appeared. Can you tell me, what these viruses are? Is it just a problem with some definitions (checksums)?

best regards

steffen

Scan Started Mon Jul 11 15:23:10 2011
-------------------------------------------------------------------------------
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\CardSpace\CardSpaceSP2.db: Permission denied
C:\Documents and Settings\Administrator\Local Settings\Temp\nsx1D.tmp: Permission denied
C:\pagefile.sys: Permission denied
C:\WINDOWS\system32\CatRoot2\tmp.edb: Permission denied
C:\WINDOWS\system32\config\default: Permission denied
C:\WINDOWS\system32\config\SAM: Permission denied
C:\WINDOWS\system32\config\SECURITY: Permission denied
C:\WINDOWS\system32\config\software: Permission denied
C:\WINDOWS\system32\config\system: Permission denied

C:\WINDOWS\regedit.exe: Trojan.Genome-118 FOUND
C:\WINDOWS\system32\dllcache\regedit.exe: Trojan.Genome-118 FOUND
C:\WINDOWS\system32\dllcache\spider.exe: Trojan.Genome-25 FOUND
C:\WINDOWS\system32\dllcache\taskmgr.exe: Trojan.Genome-28 FOUND
C:\WINDOWS\system32\taskmgr.exe: Trojan.Genome-28 FOUND


----------- SCAN SUMMARY -----------
Known viruses: 1694462
Engine version: 0.95.3
Scanned directories: 5288
Scanned files: 53041

Infected files: 5

Data scanned: 9897.66 MB
Data read: 8374.11 MB (ratio 1.18:1)
Time: 2028.015 sec (33 m 48 s)
--------------------------------------
Completed
--------------------------------------


one day later:

Scan Started Tue Jul 12 08:58:53 2011
-------------------------------------------------------------------------------
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\CardSpace\CardSpaceSP2.db: Permission denied
C:\Documents and Settings\Administrator\Local Settings\Temp\nsj25.tmp: Permission denied
C:\pagefile.sys: Permission denied
C:\WINDOWS\system32\CatRoot2\tmp.edb: Permission denied
C:\WINDOWS\system32\config\default: Permission denied
C:\WINDOWS\system32\config\SAM: Permission denied
C:\WINDOWS\system32\config\SECURITY: Permission denied
C:\WINDOWS\system32\config\software: Permission denied
C:\WINDOWS\system32\config\system: Permission denied

C:\WINDOWS\system32\dllcache\spider.exe: Trojan.Genome-25 FOUND
C:\WINDOWS\system32\dllcache\taskmgr.exe: Trojan.Genome-28 FOUND
C:\WINDOWS\system32\taskmgr.exe: Trojan.Genome-28 FOUND

----------- SCAN SUMMARY -----------

Known viruses: 1696528
Engine version: 0.95.3
Scanned directories: 5288
Scanned files: 53063

Infected files: 3

Data scanned: 9898.14 MB
Data read: 8374.55 MB (ratio 1.18:1)
Time: 2043.203 sec (34 m 3 s)
--------------------------------------
Completed
--------------------------------------






Antivirus results
AhnLab-V3 - 2011.07.12.02 - 2011.07.12 - -
AntiVir - 7.11.11.63 - 2011.07.12 - -
Antiy-AVL - 2.0.3.7 - 2011.07.12 - -
Avast - 4.8.1351.0 - 2011.07.11 - -
Avast5 - 5.0.677.0 - 2011.07.11 - -
AVG - 10.0.0.1190 - 2011.07.11 - -
BitDefender - 7.2 - 2011.07.12 - -
CAT-QuickHeal - 11.00 - 2011.07.11 - -
ClamAV - 0.97.0.0 - 2011.07.12 - Trojan.Genome-28
Commtouch - 5.3.2.6 - 2011.07.12 - -
Comodo - 9357 - 2011.07.12 - -
DrWeb - 5.0.2.03300 - 2011.07.12 - -
Emsisoft - 5.1.0.8 - 2011.07.12 - -
eSafe - 7.0.17.0 - 2011.07.11 - -
eTrust-Vet - 36.1.8438 - 2011.07.12 - -
F-Prot - 4.6.2.117 - 2011.07.11 - -
F-Secure - 9.0.16440.0 - 2011.07.12 - -
Fortinet - 4.2.257.0 - 2011.07.12 - -
GData - 22 - 2011.07.12 - -
Ikarus - T3.1.1.104.0 - 2011.07.12 - -
Jiangmin - 13.0.900 - 2011.07.11 - -
K7AntiVirus - 9.108.4894 - 2011.07.11 - -
Kaspersky - 9.0.0.837 - 2011.07.12 - -
McAfee - 5.400.0.1158 - 2011.07.12 - -
McAfee-GW-Edition - 2010.1D - 2011.07.12 - -
Microsoft - 1.7000 - 2011.07.12 - -
NOD32 - 6285 - 2011.07.12 - -
Norman - 6.07.10 - 2011.07.11 - -
nProtect - 2011-07-12.02 - 2011.07.12 - -
Panda - 10.0.3.5 - 2011.07.11 - -
PCTools - 8.0.0.5 - 2011.07.12 - -
Prevx - 3.0 - 2011.07.12 - -
Rising - 23.66.00.03 - 2011.07.11 - -
Sophos - 4.67.0 - 2011.07.12 - -
SUPERAntiSpyware - 4.40.0.1006 - 2011.07.12 - -
Symantec - 20111.1.0.186 - 2011.07.12 - -
TheHacker - 6.7.0.1.253 - 2011.07.12 - -
TrendMicro - 9.200.0.1012 - 2011.07.12 - -
TrendMicro-HouseCall - 9.200.0.1012 - 2011.07.12 - -
VBA32 - 3.12.16.4 - 2011.07.12 - -
VIPRE - 9839 - 2011.07.12 - -
ViRobot - 2011.7.12.4563 - 2011.07.12 - -
VirusBuster - 14.0.119.0 - 2011.07.11 - -
File info:
MD5: 2cd1c3506a85b38e2d17e61aded175c4
SHA1: 811d06dc5c7b530a5f0bd07c50607e402da43d59
SHA256: f899e8c466b518346d47c7cd56f6d4ae3eed38369b8e38b6badf0227b93e7f82
File size: 135680 bytes
Scan date: 2011-07-12 07:34:43 (UTC)
View user's profileSend private message
GuitarBob


Joined: 09 Jul 2006
Posts: 4376
Location: USA
Reply with quote
It appears they are all false positives and that some of them have been corrected. You should upload the still-detected files to Clam AV for correction via their page at http://www.clamav.net/lang/en/ on the web (submit a file link). Be sure to indicate the type is "false positive" and not "virus" on the submission form Clam will correct their signature withing a couple of days. In the meantime, you can temporarily exclude those files from ClamWin scans via ClamWin preferences, filters, exclude matching filenames.

Regards,
View user's profileSend private message
Steffen


Joined: 12 Jul 2011
Posts: 2
Location: Germany
Reply with quote
problem fixed with new virus definition updates. thx
View user's profileSend private message
kevincartter


Joined: 26 Aug 2011
Posts: 1
Location: Los Angeles
Reply with quote
Congratulation , you had fixed your problems !

Kevincartter
Los Angeles , USA
View user's profileSend private message
definitions problem or real threat?
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Reply to topic