 |
 | After scan do I need to do anything else? |  |
|
sjroe
|
|
scan Started Mon Apr 21 17:35:31 2008
------------------------------------------------------------------------------- C:\Program Files\HP Games\Super Granny 3\SuperGranny3.exe: Trojan.Hupigon-9737 FOUND C:\Program Files\Online Services\Aolca\comps\acs\acssetup.exe: Trojan.Startpage-619 FOUND C:\Program Files\Online Services\Aolus\AOL90\COMPS\ACS\ACSSETUP.EXE: Trojan.Startpage-619 FOUND C:\ProgramData\.clamwin\quarantine\infected.ACSSETUP.EXE.000.000.000.000: Trojan.Startpage-619 FOUND C:\ProgramData\.clamwin\quarantine\infected.acssetup.exe.001.000.000: Trojan.Startpage-619 FOUND C:\ProgramData\.clamwin\quarantine\infected.SuperGranny3.exe.000.000.000: Trojan.Hupigon-9737 FOUND C:\Users\All Users\.clamwin\quarantine\infected.ACSSETUP.EXE.000.000.000.000: Trojan.Startpage-619 FOUND C:\Users\All Users\.clamwin\quarantine\infected.acssetup.exe.001.000.000: Trojan.Startpage-619 FOUND C:\Users\All Users\.clamwin\quarantine\infected.SuperGranny3.exe.000.000.000: Trojan.Hupigon-9737 FOUND ----------- SCAN SUMMARY ----------- known viruses: 263555 Engine version: 0.93 Scanned directories: 18443 scanned files: 151909 Infected files: 9 Not copied: 6 Data scanned: 25969.37 MB Time: 5495.659 sec (91 m 35 -------------------------------------- Completed I can't find the quarantine file to remove what is there and the top 3 are ligitimate programs that came loaded on my PC when I purchased it. Should I remove them? -------------------------------------- |
|||||||||||
|
|||||||||||||
 |
| |
|
GuitarBob
|
|
Go to VirusTotal at https://www.virustotal.com/ on the Web and upload those files one at a time for scanning. VT will give you a report on each file. If several other AVs there find an infection, it's probably for real. Delete the file in that case.
As for locating the files on your computer, if you have ClamWin set to quarantine, they have been put in the quarantine folder, which is C:\Documents and Settings\All Users\.clamwin\quarantine on a Windows XP machine. The quarantine folder location is listed in the box below "move to the quarantine folder" on the General Preferences Page. If you have ClamWin set to Report Only, they file stay where they originally were on your computer. Their location is listed in the ClamWin Scan Report. You can "paint" the location and go there using Windows Explorer. I prefer to leave the files where they were, upload them to VT, and remove/replace them if VT finds an infection. Regards, |
|||||||||||
|
|||||||||||||
|
| |
|
sjroe
|
|
Thank you
|
|||||||||||
|
|||||||||||||
|
| |
|
richard myers
|
|
This is good information, thanks. But after discovering a false positive, what is the best way to avoid revisiting this file in future scans? Can ClamWin be configured to ignore individual files? best wishes, richard myers Denver, Colorado |
|||||||||||||
|
|||||||||||||||
|
| |
|
GuitarBob
|
|
Best way to avoid revisiting the file in future scans is to upload at copy of it to Clam at https://cgi.clamav.net/sendvirus.cgi on the Web and tell them it is a false positive, so they will remove/change the signature. You can go to ClamWin's filters preferences and put the filename in the "Exclude Matching Filenames" section until Clam updates the signatures. If the detection is a PUA (potentially unwanted application), you could uncheck the PUA detection block in ClamWin's advanced preferences for a while until the signature is changed, but they don't like to change the PUAs.
Regards, |
|||||||||||
|
|||||||||||||
|
 | After scan do I need to do anything else? | |
|
||
|
|
|
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.