 |
 | now, what? |  |
|
thebluestar98
|
|
C:\Users\All Users\.clamwin\quarantine\YHARNT~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-4289 FOUND
C:\Users\All Users\.clamwin\quarantine\YJLXWR~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-3568 FOUND C:\Users\All Users\.clamwin\quarantine\YKOSFD~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-4817 FOUND C:\Users\All Users\.clamwin\quarantine\YKVFPY~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Small-7524 FOUND C:\Users\All Users\.clamwin\quarantine\YMTEXL~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-3251 FOUND C:\Users\All Users\.clamwin\quarantine\YPJTYD~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Small-7524 FOUND C:\Users\All Users\.clamwin\quarantine\YTAHLX~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Small-7524 FOUND C:\Users\All Users\.clamwin\quarantine\YTKYYV~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Agent-49443 FOUND C:\Users\All Users\.clamwin\quarantine\YVFNCM~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-3879 FOUND C:\Users\All Users\.clamwin\quarantine\YXREMJ~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-4368 FOUND C:\Users\All Users\.clamwin\quarantine\YYSNTG~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-3121 FOUND C:\Users\All Users\.clamwin\quarantine\ZBONRP~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-6523 FOUND C:\Users\All Users\.clamwin\quarantine\_A00F1~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-4817 FOUND C:\Users\All Users\.clamwin\quarantine\_A00F1~2.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-4817 FOUND C:\Users\All Users\.clamwin\quarantine\_A00F1~3.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-4817 FOUND C:\Users\All Users\.clamwin\quarantine\_A00F2~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-4817 FOUND C:\Users\All Users\.clamwin\quarantine\_A00F2~2.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-4817 FOUND C:\Users\All Users\.clamwin\quarantine\_A00F2~3.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-4817 FOUND C:\Users\All Users\.clamwin\quarantine\_A430C~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-4817 FOUND C:\Users\All Users\.clamwin\quarantine\_A4D89~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-4817 FOUND C:\Users\All Users\.clamwin\quarantine\_ADB54~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected.000.infected: Trojan.Vundo-4817 FOUND C:\Windows\winsxs\x86_microsoft-windows-e..-ehepgres.resources_31bf3856ad364e35_6.1.1000.18273_tk-tm_4c7254e9677fa605\ehepgres.dll.mui: Trojan.Swizzor.Gen FOUND Not sure what to do here. seems like some may be false positives. Am I to go into the infected files file and delete these files??? 466 total. Thanks for any help and info. |
|||||||||||
|
|||||||||||||
 |
| |
|
GuitarBob
|
|
I would certainly not delete any files in the Windows directory/subdirectories! I would verify those files by submitting them, one at a time, to VirusTotal or Jotti for a scan with multiple antivirus products. I do not think you need to submit more than one file, however, if a virus is reported more than one time--if it is false positive, more than likely the other files reported with the same virus are also false. VirusTotal is at https://www.virustotal.com/ on the web. Jotti is at https://virusscan.jotti.org/en on the web. VirusTotal has an email/uploader script you can download to make the submission process a bit easier via email or direct to them.
Whenever Clamwin shows more than one infection for the same virus, it is likely a false positive. There are exceptions, but most viruses are designed to be stealthy now, and they are not stealthy if they infect a whole bunch of files! Keep your ClamWin infected file option set to Report Only! Be sure to submit only one file to Clam for each different false positive virus--no need to submit more than one file for the same false virus. Regards, |
|||||||||||
|
|||||||||||||
|
| |
|
thebluestar98
|
|
thank you very much for the help, GuitarBob!
Im glad I asked! |
|||||||||||
|
|||||||||||||
|
 | now, what? | |
|
||
|
|
|
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.