ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
Reply to topic
Dealing with virus's
Linds


Joined: 21 Aug 2006
Posts: 2
Reply with quote
First off thank you to all the folks who are developing clamwin. I am impressed how actively it is receiving updates.

I currently have it installed on 5 or 6 machines at my workplace and I was wandering if the strategy I developed is good one.

I have CW updating it's database once a day and then automatically running a scan twice a day. I am not sure if I should have it set to automatically remove virus's. If I just quarantine the virus's I am correct that this places them in a folder that renders them useless unless moved back out of that folder?

I had the following error messages (see below) after running CW and this is the reason I asked all the above questions. Just some things you should know about this computer. It is a server we do not use MSSQL so I am not sure why it said it can't open these files. Also as you can see in the log file it deleted 4 virus's from the clamwin quaratine folder. That is because I had the box checked that said move viruses to the quarantine folder.



--------------------------------------

Scan started: Thu Aug 17 07:12:32 2006





C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060803-080003-00.hdmp: Removed

C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060804-065146-00.hdmp: Removed

C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060804-075100-00.hdmp: Removed

C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060805-065152-00.hdmp: Removed

ERROR: Can't open file C:\pagefile.sys

ERROR: Can't open file C:\Program Files\Exchsrvr\MDBDATA\priv1.edb

ERROR: Can't open file C:\Program Files\Exchsrvr\MDBDATA\priv1.stm

ERROR: Can't open file C:\Program Files\Exchsrvr\MDBDATA\pub1.edb

ERROR: Can't open file C:\Program Files\Exchsrvr\MDBDATA\pub1.stm

ERROR: Can't open file C:\Program Files\Exchsrvr\MDBDATA\tmp.edb

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\master.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\mastlog.ldf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\model.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\modellog.ldf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\msdbdata.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\msdblog.ldf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\STS_Config.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\STS_Config_log.LDF

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\STS_OEMSBSCN-2267_1.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\STS_OEMSBSCN-2267_1_log.LDF

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\STS_swd01_1.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\STS_swd01_1_log.LDF

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\tempdb.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\templog.ldf

ERROR: Can't open file C:\WINDOWS\NTDS\ntds.dit

ERROR: Can't open file C:\WINDOWS\NTDS\temp.edb

ERROR: Can't open file C:\WINDOWS\ntfrs\jet\ntfrs.jdb

ERROR: Can't open file C:\WINDOWS\ntfrs\jet\temp\tmp.edb

ERROR: Can't open file C:\WINDOWS\SoftwareDistribution\EventCache\6F17C922-6C96-448A-9771-BB476F8A8987.bin

ERROR: Can't open file C:\WINDOWS\system32\dhcp\dhcp.mdb

ERROR: Can't open file C:\WINDOWS\system32\dhcp\tmp.edb

ERROR: Can't open file C:\WINDOWS\system32\wins\wins.mdb

ERROR: Can't open file C:\WINDOWS\system32\wins\winstmp.mdb

ERROR: Can't open file C:\WINDOWS\Temp\LBB.tmp

ERROR: Can't open file C:\WINDOWS\Temp\LBC.tmp

ERROR: Can't open file D:\Shared\Installation schedule\Cabinet Makers Schedule\~WRL2534.tmp



C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060803-080003-00.hdmp: BeBe2 FOUND

C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060804-065146-00.hdmp: BeBe2 FOUND

C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060804-075100-00.hdmp: BeBe2 FOUND

C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060805-065152-00.hdmp: BeBe2 FOUND

-- summary --

Known viruses: 65452

Engine version: 0.88.3

Scanned directories: 7213

Scanned files: 71470

Infected files: 4



Data scanned: 84795.81 MB

Time: 31409.828 sec (523 m 29 s)LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-2d7527660f34c6c5\_r~\___



--------------------------------------

Completed

--------------------------------------

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-de177f7c339dc021\_15_\___

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-9fd04a2b923f208f\_15_\___

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-5c1148d1617ccad6\_15___\__M_

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-528633ab9b73cbc1\_r~\___

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-c1939e6905d644ab\_15___\__M_

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-7f51d574c9c31430\_15___\__M_

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-65661f39974390aa\_15_\___
View user's profileSend private message
alch
Site Admin

Joined: 27 Nov 2005
Posts: 1751
Reply with quote
from the log fils there isn't anything suspicious. Some software will install MSSQL desktop engine without you knowing it, and if you use Sharepoint, then you definitely have a MSSQL database.
View user's profileSend private message
Dealing with virus's
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Reply to topic