murray alfredson
Joined: 26 Dec 2008 |
Posts: 0 |
Location: South Australia |
|
|
Posted: Fri Dec 26, 2008 6:49 am |
|
|
|
|
|
I am puzzled by Clamwin identifying and quarantining it own download files of release 94.1. Here is a copy of the entries from the Quarantine folder.
infected.clamwin-update-0.94-0.94.1.exe
Other virus and malware scanners have not picked this up, not had clanwin on previous scans. This happened e few days ago.
I do not know what to do, and whether the activated and installed programs are also infected -- that is, I do not know whether it is safe to run clamwin.
Murray alfredson
|
|
alch
Site Admin
Joined: 27 Nov 2005 |
Posts: 0 |
|
|
|
Posted: Fri Dec 26, 2008 7:56 am |
|
|
|
|
|
There was a false positive recently detecting NSIS-based installers, including clamwin-update. Recent database update fixed that. I suggest you rescan the file with clamwin.
|
|
murray alfredson
Joined: 26 Dec 2008 |
Posts: 0 |
Location: South Australia |
|
|
Posted: Fri Dec 26, 2008 9:08 am |
|
|
|
|
|
What are NSIS based installers?
Perhaps I should download the software again and reinstall before running clamwin?
Murray
|
|
alch
Site Admin
Joined: 27 Nov 2005 |
Posts: 0 |
|
|
|
Posted: Fri Dec 26, 2008 2:31 pm |
|
|
|
|
|
NSIS is the tool used for building software installers used by many programs. I don't think you need to reinstall anything. I suggest you update the virus database in clamwin and re-scan, additionally use an online service like http://www.virustotal.com to scan the suspicious files online.
|
|
murray alfredson
Joined: 26 Dec 2008 |
Posts: 0 |
Location: South Australia |
|
|
Posted: Fri Dec 26, 2008 10:24 pm |
|
|
|
|
|
Thank you for the suggestion. It sounds less drastic than shredding the files.
|
|