Hello,

Thanks for ClamWin.

OK ClamWin founds a candidate as infected file, one has confirmed this with www.virustotal.com, now:

1/ which site/url should I use to know what this virus/trojan does (viz want to know the damages)?
I suppose this exists as there is a database of viruses signature.
Knowing the behaviour is important to clean the system, as one could wonder if simply live booting some Linux distro and deleting under Linux the infected files is sufficient.

In present case "Interop.SHDocVw.dll: Win.Adware.Linkury-2970 FOUND"

=> I suggest as additional feature a direct link to the known behaviour of the virus into the log.

2/ I use portable version 0.99, Preferences: Remove(Use Carefully)
Why ClamWin does not remove it, is it a "wished" functionnality, but not sure due to sys file locks, etc.

The option "Move to Quarantine folder" also failed(aka did not perform) in the present case.

Thanks

P.S. How to log only the Infected files?

There is no way to log only infected files. If the Move To Quarantine option is selected, ClamWin should move any detections to the quarantine folder--unless it detects a false positive detection in the Clam AV signature on a Microsoft file. ClamWin will remove an infected file it the options is selected unless the file is really hooked into the system by the virus.

You can do a search on the virus name to see its effects--use the name given by one of the major AV companies--like Avast, Avira, Bit Defender, Kaspersky, Symantec, McAfee, or Microsoft.

ClamWin uses the scan engine and virus definitions provided by the Clam AV project. Clam AV is responsible for preparing all signatures and scanning capability.

The portable version of ClamWin is actually a separate project from ClamWin, and the ClamWin forum does not provide much support for it.

Regards,