ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
ClamWin Free Antivirus Forum Index » General Suggestions/Questions
Reply to topic
WER - viruses always found in this folder with clamscan
ardbrand


Joined: 18 Jan 2009
Posts: 0
Post Posted: Sun Jan 18, 2009 9:37 am Reply with quote
Hi all I've just joined the forum and am perplexed by a recurring theme that happens when using ClamWin.

I have used all sorts of anti-virus ,and anti-spyware with rootkit search including top free ones like Avira, Spyware terminator, ad-aware ,and spy-bot but only ClamWin finds the same N.Pox 2 virus in my WER (windows error reporting) file!! does anyone know why this is and i always thought Npox was a virus that plagued systems years ago and didn't think it was still being used to infect computers.
also how does the virus always end up in this file as i would have thought that WER was supposed to be for our benefit being as it's Microsoft reporting errors!


I only ever use ClamWin now as any other anti-virus software fails to pick this virus up and having recently sent someone an email with an attachment they complained to me that it contained a virus so i duly ran clamwin and it picked up the same virus again! Why always the same virus in the same file?? does anyone have any theories?

Thanking anyone in advance who can help,regards,ardbrand
View user's profileSend private message
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
Post Posted: Sun Jan 18, 2009 5:15 pm Reply with quote
It is possible that this virus is a false positive, which contains code similar to viral code. In that case it is not a virus but ClamWin falsely recognizes it as one. You should upload the file to Jotti at https://virusscan.jotti.org/ on the web or to VirusTotal at https://www.virustotal.com/ on the web. Either service will scan it for you free with multiple antivirus programs, including Clam. If several other AVs besides Clam find it is infected, it probably is, and you should replace it--first see if anything else is a "companion" to it that keeps "dropping" it in that file. To do that, you should run a complete scan that is independent of your operating system as much as possible--try a scan in Safe Mode and/or a scan with a "rescue disk/CD" you can get from Dr. Web, F-Secure, Kaspersky, or Bit Defender.

If the file turns out to be a false positive, go to the Clam AV submission page at https://www.clamav.net/sendvirus/ on the web. Fill out the form and upload it. Be sure to indicate it is a false positive and the name of the virus. Explain what's going on in the description block. Clam will check it and adjust the signature within a couple of days.

Regards,
View user's profileSend private message
WER - viruses always found in this folder with clamscan
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
 		All times are GMT  
Page 1 of 1  
  
  
ClamWin Free Antivirus Forum Index » General Suggestions/Questions
 Reply to topic