|
bobwilson
| Joined: 05 May 2010 |
| Posts: 0 |
|
|
|
 Posted: Wed May 05, 2010 2:59 pm |
|
 |
 |
|
|
and a couple of other pieces of spyware on my XP PC. I'm definitely not a computer expert to say the least. I assume that Clamwin doesn't actually remove these? It showed me the location of these programs, so my stupid question is how do I go about removing them from the system? Thanks in advance.
|
|
|
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
| Posted: Wed May 05, 2010 7:14 pm |
|
|
|
|
|
ClamWin has a default infected file option of Report Only. In the ClamWin General Configuration tab, you can select the option you want: Report Only, Remove (use carefully), or Quarantine. In the past, we recommended that you keep the default of Report Only--because if ClamWin has a false detection (a false positive) on a Windows system file and deletes/quarantines it, you will lose access to your system (that is bad!) With version .96, ClamWin has some (but not complete) false positive protection on system files, so it is probably safe to set the option to Quarantine in most cases.
You could set the option to Quarantine and then do a complete rescan or manually scan only the infected files, and ClamWin will move them to Quarantine.
I still prefer to leave the infected file option to Report Only. When I get an infection, I verifiy it on VirusTotal, and if a bunch of other AVs (say 5 or more) besides Clam AV (ClamWin uses the Clam AV scanning engine/signatures), then I will delete/quarantine the file. If not very many AVs besides Clam see an infection, I will assume it is a false positive and then visit the Clam AV submission page to upload the file with the false positive to them for correction.
If you get several infections with the same virus, that is a good sign of a false positive. In that case, you only need to verify one of the files and send only one of the files to Clam if it is a false positive.
Regards,
|
|
|
|
bobwilson
| Joined: 05 May 2010 |
| Posts: 0 |
|
|
|
| Posted: Thu May 06, 2010 3:04 pm |
|
|
|
|
|
Thanks for the response. I actually did what you were mentioning and used another tool to check the system again. I downloaded Microsoft Security Essentials and ran a full scan. It found 2 adware programs. I deleted these. I also have Norton which I'll run tonight.
Thanks again.
|
|
|
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
| Posted: Thu May 06, 2010 3:40 pm |
|
|
|
|
|
I do not recommend running more than one antivirus in real-time mode. Both Security Essentials and Norton are good real-time scanners, but I would use one in permanent real-time mode and keep the other as a backup. ClamWin also makes a good backup because it is not a real-time scanner, and it is oriented a bit more towards email malware, rather than exploits and leading edge malware.
Regards,
|
|
|
