 |
 | [b]W32.CIH.1003 FOUND[/b] |  |
|
glow259
|
|
Hello, how do you remove quarantined W32.CIH.1003 FOUND
Thanx!! 
c:\WINDOWS\All Users\.clamwin\quarantine\infected.itp32.exe.000: W32.CIH.1003 FOUND c:\WINDOWS\All Users\.clamwin\quarantine\infected.itp32.exe.000: moved to 'C:\WINDOWS\All Users\.clamwin\quarantine\infected.itp32.exe.000.000' |
|||||||||||
|
|||||||||||||
 |
| Removal | |
|
GuitarBob
|
|
Just use Windows Explorer (go to the ClamWin quarantine directory (C:\Documents and Settings\All Users\.clamwin\quarantine in Windows XP), right click on the file and select delete--just like deleting any file. You could copy it to CD first--to start a virus collection!
Regards, |
|||||||||||
|
|||||||||||||
|
| |
|
glow259
|
|
Done!!!... Thanx!!
|
|||||||||||
|
|||||||||||||
|
| |
|
sherpya
|
|
 |
|||||||||||
|
|||||||||||||
|
| |
|
troll
|
|
I have that virus too on my laptop. But I just used virustotal.com to test the file and as result only 3 of 20 scanners found that virus. Could be false positive. For some reason ClamWin didnt found the virus at virustotal....
|
|||||||||||
|
|||||||||||||
|
| |
|
GuitarBob
|
|
You probably should have started a new thread with your post. Anyway, if two or more scanners find something, it is probably some kind of malware. Many scanners don't devote much time/effort to spyware, so it might be spyware. In addition, it could be a very narrowly-distributed virus--say just let out in Ukraine or some place like that--the bad guys are starting to do that now--figuring they don't have the resources to detect it and the large antivirus companies aren't concerned enough to put it in their database. That's why VirusTotal is very useful. VirusTotal provides copies of all malware to the AV companies that don't detect it. IN addition, VirusTotal now has a downloadable script that automates virus submission to them.
Do a search on Google the name of the virus and see what you can find out. You can probably tell from that information whether or not it is a real virus. I'll bet you find it's a real virus. Regards, |
|||||||||||
|
|||||||||||||
|
| |
|
troll
|
|
Its a "real" virus, which is quite dangerous and pretty common. The are a lot of variants around, so the popular scanners should find it. However the virus does not work with WinXP or above.
https://de.mcafee.com/virusInfo/default.asp?id=description&virus_k=10300 |
|||||||||||
|
|||||||||||||
|
| |
|
GuitarBob
|
|
I see. Well, many antivirus programs are stopping support of the Win 9X boxes. Perhaps that's why it's not in ClamAV's signatures. Clam also concentrate upon email viruses, although their database is coming along nicely. If you've sent it to VirusTotal or ClamAV, just delete it from your machine(s).
Regards, |
|||||||||||
|
|||||||||||||
|
 | [b]W32.CIH.1003 FOUND[/b] | |
|
||
|
|
|
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.