 |
 | [Win.Trojan.Ramnit-7001] FALSE POSITIVE FOUND ? |  |
|
davehatpec
|
|
The following files are Digitally Signed by Microsoft Corporation and may have been incorrectly detected as viruses:
C:\Drivers\sp54816\Graphics\igdumdx32.dll: [Win.Trojan.Ramnit-7001] FALSE POSITIVE FOUND C:\Drivers\sp54817\Graphics\igdumdx32.dll: [Win.Trojan.Ramnit-7001] FALSE POSITIVE FOUND C:\Windows\System32\DriverStore\FileRepository\kit38940.inf_amd64_neutral_9f2b25b000685d2d\igdumdx32.dll: [Win.Trojan.Ramnit-7001] FALSE POSITIVE FOUND C:\Windows\SysWOW64\igdumdx32.dll: [Win.Trojan.Ramnit-7001] FALSE POSITIVE FOUND Please do not be alarmed and help us by submitting the files identified above as FALSE POSITIVE at https://www.clamav.net/sendvirus/ I already submitted to the above URL but it only lets me upload one file. Do I have a Trojan or not? |
|||||||||||
|
|||||||||||||
 |
| |
|
GuitarBob
|
|
No - as the ClamWin post-scan message says, they are all false positive (wrong) detections of one virus. Several years ago, the scan engine from Clam AV was having lots of false detections, but they would not do anything about it, so the ClamWin developers added some protection against false detections on important files. When there is such a false detection, ClamWin gives you the message you got.
As the message says, you can help Clam AV correct their wrong signature if you upload the falsely detected file to Clam AV. If you have more than one false detection, you can zip them. However, if several/all of the files have the same wrong virus detection (as in your case), just submit one file. It may take Clam AV some time to prepare a corrected signature. It may help if you scan the file(s) on Virus Total (VG) because VT will send false positively detected files to the AVs involved. Sometime Clam AV will not prepare a correction. In that case, see whitelisting below. You can whitelist the file so that ClamWin will not bother scanning it any more. Open ClamWin, choose Tools, Preferences, Filters, Exclude Matching Filenames. Select the square block, copy the location, filename and extension in the place provided and OK it. Example: c:\program folder name\program.extension. Since some false positive files are not really quarantined by ClamWin--all it does is just give the false positive message, some users do not bother to do anything about it. Thanks for using ClamWin! Regards, |
|||||||||||
|
|||||||||||||
|
 | [Win.Trojan.Ramnit-7001] FALSE POSITIVE FOUND ? | |
|
||
|
|
|
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.