My workplace has several computers that cannot be connected to the internet. Many people transfer files from these with USB drives which causes them to get viruses from time to time. I installed clamav portable so that I could scan them and on several computers a file winmap32.exe is detected in a folder within C:\RECYCLER and reported as Worm.Palevo-640. When I attempt to quarantine or remove the file it says it is successful but in reality does nothing and the file remains. It is a hidden file and when I try to change the folder options to show hidden files it always reverts immediately so I cannot see the file. I cannot connect the machines to the internet to use virustotal to verify it is something to be concerned about and I am not allowed to install any new software on the computers (hence the use of clamav portable). Any help would be appreciated.

I think you need to get someone from your IT department to help with this. Evidently, the virus has some protection measures to keep it installed--probably a registry entry but there could be other measures as well. You could do a search on the web for that particular virus to see what it does, but you might have to find what name one of the major AVs gives it in order to search--AVs do not all use the same names. Below are a couple of more ideas, but I think it's best to get help from IT.

Microsoft's Safety Scanner is probably your best bet for standalone removal. Just download it (you do not have to install it) to USB and run it. It is available at https://www.microsoft.com/security/portal/mmpc/products/default.aspx on the web. The virus signatures that come with it are good for about 10 days--after that you have to download a newer version of the scanner.

Dr. Web's free Cureit scanner also does a good job. Download it from the Dr. Web site to USB, and it will have current virus signatures. I believe you do not have to install it either--just run from USB. You will have to download a new version in a few days if you want to use it then.

Good luck!

Regards,