Hi
probably the wrong way to do this but here is a log from last night-I uploaded the file to an online scanner and yours was the only one that said it may be a virus:
-----------------------------------------------------------------------------------
The following files are Digitally Signed by Microsoft Corporation and may have been incorrectly detected as viruses:
C:\WINDOWS\system32\ddraw.dll: [Win.Trojan.Agent-36030] FALSE POSITIVE FOUND
Please do not be alarmed and help us by submitting the files identified above as FALSE POSITIVE at https://www.clamav.net/sendvirus/
END
I tried that sendvirus link but could not figure it out-the file is clean according to 50 other programs except yours.
Regards
Rod

The sendvirus link at Clam AV is the only way to report a file that is falsely-detected by ClamWin as infected with malware (virus, worm, rootkit, exploit, etc.). ClamWin uses the Clam AV scanning engine and signature database, as it ports over the Clam AV Linux code over to Windows.

The sendvirus procedure fairly easy to use--except maybe for the first time. On the sendvirus page, you have one link to report a false positive and another link to report/send a real malware sample. You should click the false positive link. Once you do, you will see the false positive reporting form. Insert your name and email address and tell them if you want to be notified when they have fixed the false positive. Clam needs actual files that are falsely detected as malware, so next click on browse and find the file on your computer that is falsely-detected and click on it. The file will be put in the box on the form next to browse. Next, go on down the page and insert the name of the malware tha is falsely detected--or you can just paste in the Description area on the report the section of the ClamWin scan report that mentions the false positive detection, which will have the falsely-detected malware name. They click on submit, and you are finished. It may take 30 seconds or a bit longer for Clam to upload the file from your computer to their submission interface. Wait until you get a message that your submission has been accepted--you may have to move the page up to see the message.

Submitting a malware sample is very similar to this procedure for submitting a false positive, but you have to select the submit a malware sample link to do that. Clam needs the actual files--it can do nothing with a ClamWin scan report.

You will be helping about 500,000 or so other ClamWin users every time you submit a false positive or malware sample.

Thanks for using ClamWin!

Regards,

Hi Bob
nice to talk to you again as you are nice-I am sorry I cant figure out that sendvirus thing-sorry,I will wait as someone else I am sure will do it......
BTW merry christmas and a happy new year to you and yours!!

Thanks
Rod
PS I wont try that send virus thing again(sorry) as I have a mental disabillity.......

Hello Rod. Don't worry about it--ClamWin false positive protection prevents it from being quarantined in error on your computer, and other ClamWin users probably have the same false positive and will report it to Clam.

Regards,

Ok thank you bob you are the best!
Rod

Merry Christmas, and thanks for using Clam Win!

Regards,