 | Anyone heard of vgen.1055.0 |  |
HarryStottle
Joined: 14 Feb 2008 |
Posts: 0 |
Location: UK |
|
 |
Posted: Tue Feb 19, 2008 10:42 pm |
|
 |
 |
 |
 |
have just installed Clam on a BartPE Startup disk and randomly tested it on a laptop I've only just set up.
Well impressed. But also worried. It claims to have found - in the pagefile.sys no less - a virus with the name vgen.1055.0 which I've never heard of and nor has anyone else on the web - including the major antivirus vendors none of whom have it in their online libraries. There are half a dozen sites listing it amongst a list of worms, but nothing explaining or justifying that inclusion. No commentary is available anywhere. (at least not that I could find)
So does anyone here have any clue what it may be?
|
|
 |
 | |  |
GuitarBob
Joined: 09 Jul 2006 |
Posts: 9 |
Location: USA |
|
 |
Posted: Wed Feb 20, 2008 1:01 am |
|
 |
 |
 |
 |
Was this by any chance a PUA detection? If you have ClamWin's PUA detection turned on, the PUA signatures trigger on hacker tools, which are not necessarily viruses/malware, but they can be used for that purpose. If not a PUA, then I suggest that you upload the file containing the "malware" to Jotti and see what over 20 other scanners say about it. If any of them spot something, they will have a name you can cross reference. If no other scanners spot it, then tell Clam it is a false positive at https://cgi.clamav.net/sendvirus.cgi on the Web.
Regards,
|
|
sherpya
Joined: 22 Mar 2006 |
Posts: 0 |
Location: Italy |
|
 |
Posted: Wed Feb 20, 2008 12:12 pm |
|
 |
 |
 |
 |
do not scan pagefile, remove it if you want, clamav may found a pattern signature that belongs to the one that loaded in memory when windows was running
you may found random viruses just because the pattern was loaded by a running av
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by
phpBB © phpBB Group
Design by
phpBBStyles.com |
Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.