ClamWin Free Antivirus Forum Index
New Virus found: I don't know how to eliminate or quarantine
matteobuatier


Joined: 06 May 2009
Posts: 0
I post here the report scan. It is the first time I use this A/V. But I have no idea how to remove the virus. I ran the scan 2 times and the virus is always there. I also have a-Square Anti Malware but it seems to be affected too. I cannot read into it and I get a row of squares instead of normal Latin script...

Any support is welcome.

Regards,

Matteo Buatier


Scan Started Wed May 06 09:37:57 2009
-------------------------------------------------------------------------------

C:\Dokumente und Einstellungen\Matteo\Anwendungsdaten\Mozilla\Firefox\Profiles\g4wc9tqm.default\places.sqlite-journal: Permission denied
C:\Dokumente und Einstellungen\Matteo\Lokale Einstellungen\Temp\etilqs_Vi903h3cxaIpI4g7IJMb: Permission denied
C:\hiberfil.sys: Permission denied
C:\pagefile.sys: Permission denied
C:\WINDOWS\system32\config\default: Permission denied
C:\WINDOWS\system32\config\SAM: Permission denied
C:\WINDOWS\system32\config\SECURITY: Permission denied
C:\WINDOWS\system32\config\software: Permission denied
C:\WINDOWS\system32\config\system: Permission denied
C:\WINDOWS\system32\zkisu.dll: Permission denied

C:\Programme\Microsoft Office\Office12\excelcnv.exe: W32.Virut.Gen.D-163 FOUND
C:\Programme\MSECache\O2007Cnv\1031\O12Conv.cab: W32.Virut.Gen.D-163 FOUND
C:\WINDOWS\I386\MODEMUI.DL_: Trojan.Swizzor.Gen FOUND
C:\WINDOWS\system32\dllcache\modemui.dll: Trojan.Swizzor.Gen FOUND
C:\WINDOWS\system32\modemui.dll: Trojan.Swizzor.Gen FOUND
----------- SCAN SUMMARY -----------
Known viruses: 544200
Engine version: 0.95.1
Scanned directories: 2754
Scanned files: 37524
Infected files: 5

Data scanned: 8346.02 MB
Data read: 15295.89 MB (ratio 0.55:1)
Time: 5970.428 sec (99 m 30 s)
--------------------------------------
Completed
Antonio S.


Joined: 20 Apr 2008
Posts: 0
Location: Italy
Hello Matteo,

The files marked "Permission denied" are usually locked by the OS (you can find more info in another thread: https://forums.clamwin.com/viewtopic.php?t=1959&highlight=permission+denied).

As for the other files that ClamWin has detected as suspect (good thing you have kept the default setting of the 'Report only' option on the Preferences tab):
It seems that Clam is giving more false positives in the most recent release. My suggestion is to upload the suspect files to www.virustotal.com and see what comes out. If only a couple of AVs (besides ClamWin) spot the files as infected, it is likely to be a false positive case; if this occurs, notify the Clam team using the form at cgi.clamav.net/sendvirus.cgi. They will fix the issue within a few days.
If they appear to be real malware, you can just set the ClamWin preferences to the Quarantine option and relaunch the scan, so as to move the infected files to the Quarantine folder. You can navigate to that folder and remove the files later if you wish.
Before quarantining/removing files I suggest you make a copy of your personal/important data. From what I can see, some of the suspect files are in the system32 folder, so removing them could affect the functionality of the system.

Hope this helps,
Antonio
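
One way to triage a report like the one posted in this thread before deciding what to upload or quarantine, as an added example that is not part of either post and is not ClamWin code. The function name `triage`, the `OS_LOCKED` pattern and the abridged sample are assumptions made for illustration.

```python
import re
from pathlib import PureWindowsPath

# Sample abridged from the report posted above; summary count adjusted to the abridged list.
SAMPLE_REPORT = r"""
C:\hiberfil.sys: Permission denied
C:\WINDOWS\system32\config\SAM: Permission denied
C:\WINDOWS\system32\zkisu.dll: Permission denied
C:\Programme\Microsoft Office\Office12\excelcnv.exe: W32.Virut.Gen.D-163 FOUND
C:\WINDOWS\system32\dllcache\modemui.dll: Trojan.Swizzor.Gen FOUND
C:\WINDOWS\system32\modemui.dll: Trojan.Swizzor.Gen FOUND
Infected files: 3
"""

FOUND_RE = re.compile(r"^(?P<path>.+): (?P<sig>\S+) FOUND$")
DENIED_RE = re.compile(r"^(?P<path>.+): Permission denied$")
COUNT_RE = re.compile(r"^Infected files: (?P<n>\d+)$")
# Assumption: files a running Windows always holds open (paging file,
# hibernation file, registry hives), so "Permission denied" is expected for them.
OS_LOCKED = re.compile(
    r"^c:\\(pagefile\.sys|hiberfil\.sys|windows\\system32\\config\\[^\\]+)$",
    re.I)
SYSTEM_DIR = PureWindowsPath(r"C:\WINDOWS")

def triage(report: str) -> dict:
    """Split a scan report into detections, expected OS locks and other unscanned files."""
    out = {"detections": [], "os_locked": [], "other_unscanned": [], "reported": None}
    for line in report.splitlines():
        line = line.strip()
        if m := FOUND_RE.match(line):
            p = PureWindowsPath(m["path"])  # Windows paths compare case-insensitively
            out["detections"].append({
                "path": str(p), "signature": m["sig"],
                "system_file": SYSTEM_DIR in p.parents})
        elif m := DENIED_RE.match(line):
            key = "os_locked" if OS_LOCKED.match(m["path"]) else "other_unscanned"
            out[key].append(m["path"])
        elif m := COUNT_RE.match(line):
            out["reported"] = int(m["n"])
    # A mismatch means detection lines were missed or the log was truncated.
    out["count_matches"] = out["reported"] == len(out["detections"])
    return out

if __name__ == "__main__":
    result = triage(SAMPLE_REPORT)
    for d in result["detections"]:
        note = "system file, verify before quarantining" if d["system_file"] else "application file"
        print(f'{d["signature"]:22} {d["path"]}  [{note}]')
    print("Locked but not an OS-held file:", result["other_unscanned"])
    print("Summary count consistent:", result["count_matches"])
```

Detections flagged `system_file` are the ones the reply advises caution with, since removing them could affect the functionality of the system.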