Shawn_IO
Joined: 09 Feb 2009
Posts: 0
Location: Silicon Valley
Posted: Mon Feb 09, 2009 6:53 pm
I have two computers that use Clamwin and found worm-pinit-4 this morning. Another thread indicates that this is a false positive.
One of those two machines also identified this infection: dialer-4186. It says that it found it in Vixregexp.exe, which is a file for the program Vixwin, which is an image management program for dentists.
It seems pretty unlikely that a virus would infect that particular file, since it's pretty uncommon.
Is this another false positive? Any thoughts would be appreciated!
Thanks!

Antonio S.
Joined: 20 Apr 2008
Posts: 0
Location: Italy
Posted: Mon Feb 09, 2009 7:05 pm
Hello,
Made a scan of my C: drive yesterday and ClamWin located a couple of files somewhere in the Windows subfolders, identifying them as worm-pinit-4. Uploaded them to VirusTotal and all of them came out clean. Definitely it was a false positive and I notified Clam using the relevant form @ https://cgi.clamav.net/sendvirus.cgi.
You should make a similar check on VirusTotal. Probably it is the same case. If it turns out to be a false positive, please notify Clam so they can fix the issue.
Regards,
Antonio

Shawn_IO
Joined: 09 Feb 2009
Posts: 0
Location: Silicon Valley
Posted: Mon Feb 09, 2009 7:20 pm
Thanks Antonio. So I just grab the file in question, feed it to that url, and it will tell me what it thinks? I'll give that a try, and let everyone know.

Antonio S.
Joined: 20 Apr 2008
Posts: 0
Location: Italy
Posted: Mon Feb 09, 2009 7:33 pm
Hello Shawn,
You can choose to upload the file directly to https://www.virustotal.com and see the report that pops up. I personally have chosen to install the VirusTotal uploader on my computer to make things easier: you just locate the suspect file, right-click on it and choose the option 'send file to Virus total' and the file will be uploaded to the service automatically (note: you can upload a file with a max. size of 10 MB).
If the file appears to be a false positive (and it's very likely to be; there has been an exploit of falsies yesterday but just today a lot of them were fixed by Clam) you just notify Clam using the form indicated below. Anyway, if you download Virus DB updates right now and run a scan of your machine, I guess that ClamWin will not show the files as suspect anymore.
Regards,
Antonio