victor43
Joined: 26 Jan 2010
Posts: 0
Posted: Tue Jan 26, 2010 4:48 pm
I downloaded a file some time ago and recently found out that it contains a virus, and according to Jotti Virus Scan only Clam AV detected it as a Generic.W32. No other AV software detected anything. None of the scanners used at VirusTotal detected any virus.
How can I clean the infected file without quarantining the whole file?
The file is a Windows exe and I am running Windows XP SP3.
Thanks
Victor

GuitarBob
Joined: 09 Jul 2006
Posts: 9
Location: USA
Posted: Tue Jan 26, 2010 4:58 pm
ClamWin can't fix any files--it can only Report, Quarantine or Remove infected files, including false positive detections. You should upload the infected file to Clam AV starting at https://www.clamav.net/sendvirus/ on the web. When you get to the upload page, describe it as a false positive and tell the exact name of the false virus in the comments section. Also tell them the results on the Jotti or VirusTotal scan.
You can exclude the file from scans in ClamWin's Filters configuration tab for a while until the signature is fixed--within a few days.
Regards,

victor43
Joined: 26 Jan 2010
Posts: 0
Posted: Wed Jan 27, 2010 2:36 pm
GuitarBob wrote:
ClamWin can't fix any files--it can only Report, Quarantine or Remove infected files, including false positive detections. You should upload the infected file to Clam AV starting at https://www.clamav.net/sendvirus/ on the web. When you get to the upload page, describe it as a false positive and tell the exact name of the false virus in the comments section. Also tell them the results on the Jotti or VirusTotal scan.
You can exclude the file from scans in ClamWin's Filters configuration tab for a while until the signature is fixed--within a few days.
Regards,
Thanks GuitarBob. I'll send the file and results of the online scan to the link you have provided. But I would not mind knowing why you're describing the detection on Jotti as a false positive? Could you please explain?
Appreciate the reply
Victor

GuitarBob
Joined: 09 Jul 2006
Posts: 9
Location: USA
Posted: Wed Jan 27, 2010 2:59 pm
If only Clam (or just a few AVs) spot a file on Jotti as infected, it is probably a false positive. In fact, I have even seen some false positives with four or five AVs saying a file is infected. I will usually go with an infection if five or more AVs spot an infection, but to be sure, you should look at the AVs that have a large following. Bitdefender, Avast, and Kaspersky license versions of their scanners to other AVs, so I like to see them detect something on Jotti. VirusTotal has the "big guns" that sell a lot to corporations--McAfee, Microsoft, Symantec, and Trend Micro, so I like to see 2 or 3 of them have a detection on VirusTotal before I believe it.
Regards,