I downloaded the new version of portable apps from the link that my old tor bundle gave me a prompt, and started using it. Than I used the clamwin on my thumbdrive that had no viruses prior to the download, but after the download gave me:

DC31E72D005E\RP129\A0098243.exe: Trojan.Fakesec-310 FOUND
Z:\System Volume Information\_restore3046DEF3-D4CB-446D-B516-DC31E72D005E\RP129\A0098244.EXE: Trojan.Fakesec-310 FOUND
Z:\System Volume Information\_restore3046DEF3-D4CB-446D-B516-DC31E72D005E\RP129\A0098245.EXE: Trojan.Fakesec-310 FOUND
Z:\System Volume Information\_restore3046DEF3-D4CB-446D-B516-DC31E72D005E\RP129\A0098249.dll: Trojan.Fakesec-310 FOUND
----------- SCAN SUMMARY -----------

I deleted the new version and switched back to the old but clamwin still gave me the same scan summary.

Is this a false positive? If not, how do I delete it? Because the files shown on the report as infected do not exist on my thumbdrive at all and clamwin just gives me the result with no option to delete the file.

Thanks.

Set your Windows folders view (Control Panel, Folder Options, View) to unhide protected system files and then see if you can see the virus file on the thumb drive. If that doesn't work, reformat the thumb drive. You might also temporarily turn off system restore and then turn it back on to clear anything that might be in there. Re-set your folders view to Hide.

Get back here if you still have problems. Stay away from torrents, porn, and software cracks.

Regards,

I'll try that.
Which free USB formating tool would you recommend?

If I gather correctly the clamwin antivirus does not delete the viruses, only detects them, than you have to do it manually?

Thanks.

ClamWin has 3 infected files options under the general preferences tab: report, remove, or quarantine. Select the quarantine option. If it wrongly detects a file as a "false positive" (FP), you can use the ClamWin quarantine browser to place the file back where it was (select All Programs, ClamWin, Quarantine Browser), but it will detect the file during the next scan unless you also exclude it under the filters tab, exclude matching filenames. (format: filename.extension). Submit the FP to Clam AV as a "false positive" type file on the Clam AV submission form. You can remove the filename.extension exclusion from the filters tab when Clam AV fixes the false positive--usually within a couple of days.

Windows 7 has a built-in USB format command--right click on the USB drive letter in Windows Explorer. If you have something besides Windows 7, do a Google search for a format tool.

Regards,

I found the files following your tutorial, thanks. I than put avg on them and malwarebytes neither of which found a virus.

Should I still delete them? Could there be any problems with thumbnail operation if I do?

Malwarebytes does a better job at finding infections on a hard drive than on USB--it's not that good at scanning one file (doesn't have as many signatures as lots of AVs). I don't know much about AVG--the new version seems okay. If they actually scanned the file, and if you can't see the file to upload it to Jotti or Virus Total to check out with many AVs, I would delete it from the USB--I don't know what will happen though, but I think it's better to be safe than sorry!

Regards.