asphalt_jesus
Joined: 18 Sep 2014 | Posts: 0
Posted: Thu Sep 18, 2014 5:07 pm
Hi,
I may, or may not, have some false positives.
C:\Program Files\GIMP 2\uninst\unins000.exe: Win.Worm.Agent-7494 FOUND
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateSetup.exe: Win.Worm.Agent-7462 FOUND
C:\Program Files (x86)\Google\Update\Download\430FD4D0-B729-4F61-AA34-91526481799D\1.3.24.15\GoogleUpdateSetup.exe: Win.Worm.Agent-7462 FOUND
XXYYZZ-Personal-information-path\AppData\Local\Temp\is-L3SQN.tmp\InstallCheck.exe: Win.Worm.454996 FOUND
XXYYZZ-Personal-information-path\dwnlds\edonkey 2000 Professional v1.4.3 + Serial.rar: Win.Trojan.2664971 FOUND
The GIMP and Google's apps came from trusted sources. A check with the HouseCall online application returned negative.
Is there another scanner to recommend to check the sanity of ClamWin? Or, maybe there's a site that maps names across different antivirus programs?
I'm not sure if I should submit these as false positives either. So, any advice in this regard is welcome.
Thank you in advance.

GuitarBob
Joined: 09 Jul 2006 | Posts: 9 | Location: USA
Posted: Thu Sep 18, 2014 6:50 pm
VirusTotal is the largest/best online scanner and it is free. It scans your files with over 50 AV programs, including ClamAV, which provides the scan engine and virus signatures used by ClamWin. I look to see if a file is detected as infected by at least 2 of these AVs: Bitdefender, Avira AntiVir, ESET NOD32, Kaspersky, and Sophos. Many AVs now use someone else's scan engine, but these 5 have their own, so there is no duplication.
You should submit all false positives to ClamAV at https://www.clamav.net/fp on the web. This will help all ClamWin users. ClamAV is now owned by Cisco, and their commercial security products get the most emphasis, so it might take a week or longer before the false positive is corrected. In the meantime, you can whitelist that file in ClamWin's Tools, Preferences, Filters, Exclude Matching Filenames menu so that ClamWin will not scan it. After you do that, you can restore the falsely-detected file via the QRecover program in ClamWin's program folder/bin subfolder. You can probably safely delete the whitelist item in about a month--ClamAV should have corrected their virus signature by then.
Thank you for using ClamWin.
Regards,
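
The cross-check rule from the reply above (treat a detection as real only when at least 2 of the 5 named engines agree), as an added example that is not part of the original thread: it parses ClamWin-style FOUND report lines and applies that rule to per-engine results. The engine labels, function names and the per-engine verdicts are assumptions constructed for illustration, not real scan results.

```python
import re

# Engines the reply names as having their own scan engine.
# The lowercase labels are this example's own convention (assumption).
INDEPENDENT = {"bitdefender", "avira", "eset-nod32", "kaspersky", "sophos"}

# "path: Signature FOUND" -- greedy path match copes with the colon in "C:\".
FOUND_RE = re.compile(r"^(?P<path>.+): (?P<sig>\S+) FOUND\s*$")

def parse_found(report):
    """Return (path, signature) for every detection line in a scan report."""
    hits = []
    for line in report.splitlines():
        m = FOUND_RE.match(line.strip())
        if m:
            hits.append((m.group("path"), m.group("sig")))
    return hits

def triage(hits, second_opinions, threshold=2):
    """Label each detection by how many independent engines also flag the file."""
    out = {}
    for path, _sig in hits:
        verdicts = second_opinions.get(path)
        if verdicts is None:
            out[path] = "unchecked"  # no multi-engine result recorded yet
            continue
        agree = [e for e in INDEPENDENT if verdicts.get(e)]
        out[path] = ("corroborated" if len(agree) >= threshold
                     else "likely-false-positive")
    return out

# Report lines in the format shown in the first post; the "OK" line is constructed.
SAMPLE = r"""
C:\Program Files\GIMP 2\uninst\unins000.exe: Win.Worm.Agent-7494 FOUND
C:\Windows\notepad.exe: OK
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateSetup.exe: Win.Worm.Agent-7462 FOUND
XXYYZZ-Personal-information-path\dwnlds\edonkey 2000 Professional v1.4.3 + Serial.rar: Win.Trojan.2664971 FOUND
"""

# Per-engine verdicts: constructed placeholders, NOT real scan results.
OPINIONS = {
    r"C:\Program Files\GIMP 2\uninst\unins000.exe":
        {e: False for e in INDEPENDENT},
    r"XXYYZZ-Personal-information-path\dwnlds\edonkey 2000 Professional v1.4.3 + Serial.rar":
        {"kaspersky": True, "sophos": True, "avira": False},
}

if __name__ == "__main__":
    for path, label in triage(parse_found(SAMPLE), OPINIONS).items():
        print(f"{label:22} {path}")
```

Files labelled likely-false-positive are the candidates for the ClamAV false-positive form mentioned in the reply; unchecked ones still need a multi-engine scan.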