From clamav-win32-bounces@lists.clamav.net Sat May 2 01:43:13 2009 Return-Path: X-Original-To: list@tad.clamav.net Delivered-To: list@tad.clamav.net X-Virus-Scanned: Debian amavisd-new at tad.clamav.net Received: from tad.clamav.net ([127.0.0.1]) by localhost (tad.clamav.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id to5RCy48ZaR9; Sat, 2 May 2009 01:43:12 +0200 (CEST) Received: from tad.clamav.net (localhost.localdomain [127.0.0.1]) by tad.clamav.net (Postfix) with ESMTP id 3B53616C0D5; Sat, 2 May 2009 01:43:12 +0200 (CEST) X-Original-To: clamav-win32@tad.clamav.net Delivered-To: clamav-win32@tad.clamav.net X-Virus-Scanned: Debian amavisd-new at tad.clamav.net Received: from tad.clamav.net ([127.0.0.1]) by localhost (tad.clamav.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id riDra4oM4HyD for ; Sat, 2 May 2009 01:43:08 +0200 (CEST) Received: from mail-bw0-f176.google.com (mail-bw0-f176.google.com [209.85.218.176]) by tad.clamav.net (Postfix) with ESMTP id D36BD16C0CF for ; Sat, 2 May 2009 01:43:08 +0200 (CEST) Received: by bwz24 with SMTP id 24so2531128bwz.8 for ; Fri, 01 May 2009 16:43:08 -0700 (PDT) MIME-Version: 1.0 Received: by 10.204.66.135 with SMTP id n7mr3057470bki.155.1241221387746; Fri, 01 May 2009 16:43:07 -0700 (PDT) In-Reply-To: References: <291eabdb0905011041t57d4646cjb9e3620057edf38c@mail.gmail.com> <49FB626F.2060601@gmail.com> <291eabdb0905011438v63dad05aw2d8193fe3454660c@mail.gmail.com> <49FB7EDA.9090800@gmail.com> Date: Fri, 1 May 2009 18:43:07 -0500 Message-ID: <291eabdb0905011643k11fb88d1j4f348bbe28983d57@mail.gmail.com> From: "J.W. Michels" To: clamav-win32@lists.clamav.net X-Content-Filtered-By: Mailman/MimeDel 2.1.9 Subject: Re: [clamav-win32] How do I return these files to their original names and folders X-BeenThere: clamav-win32@lists.clamav.net X-Mailman-Version: 2.1.9 Precedence: list Reply-To: clamav-win32@lists.clamav.net List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: clamav-win32-bounces@lists.clamav.net Errors-To: clamav-win32-bounces@lists.clamav.net Hi, Yes I'm using officeXP pro. I tired to replace the files in the hidden folders but couldn't get them to reveal. All of the "infected" files are either Excell files are or Microsoft signature Install files. So I'm doing a restore from a retrospect backup I did several months ago. I'm running a dual boot Win Mellenium and XP pro and am doing the disc restore from millenium. I dont know if it is going to work but if not I will simply reinstall everything. I haven't had to do a re install since 2005 so it is probably about time to clean it up. This old 2001 Dell has pretty much completely been rebuilt and I like to keep it running clean and simple. thanks for the info. J.W. Michels On Fri, May 1, 2009 at 6:17 PM, Michael M. Minor wrote: > The Excel.exe may very well be a false positive, I had the same problem and > the digital signature was still intact. I submitted it as a false positve > to the signature team, but I don't know if they have gotten to it yet. Are > you using Office XP? > > Michael M. Minor > > On Fri, May 1, 2009 at 6:59 PM, Tom Metro > < > tmetro%2Bclamwin32@gmail.com > > > wrote: > > > J.W. Michels wrote: > > > Each of the files in quarantine on my desktop is located on my laptop > > > as well (less the ".infected" addition.) So I am pretty certain they > are > > not > > > viruses or trojans. > > > > What leads you to that conclusion? They could be existing files that > > became infected. > > > > Additionally, if you're running the same AV tools on the laptop, and > > they haven't been quarantined there, that's further evidence that > > there's something different (like an infection) about the ones on the > > desktop. > > > > > > > I downloaded my version of Clamwin from the Clamwin website. > > > > ClamWin is an independent project that makes use of ClamAV technology > > internally. Not to dismiss your questions, but you're better off posting > > your question about how to get your files out of quarantine on their > > forums: > > > > http://forums.clamwin.com/ > > > > Their code is responsible for the quarantine action, once the AV engine > > says it is infected, so they'll know how to reverse it. > > > > And for your false positive question, you'll probably also reach more > > people there who are regularly scanning all the files on a Windows > > desktop. (Many users of the official win32 port only use it to scan > > email attachments.) > > > > -Tom > > > > -- > > Tom Metro > > Venture Logic, Newton, MA, USA > > "Enterprise solutions through open source." > > Professional Profile: http://tmetro.venturelogic.com/ > > _______________________________________________ > > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32 > > > _______________________________________________ > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32 > -- This e-mail transmission may contain information that is proprietary, privileged and/or confidential and is intended exclusively for the person(s) to whom it is addressed. Any use, copying, retention or disclosure by any person other than the intended recipient or the intended recipient's designees is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete all copies J.W. Michels 5752 150th St. Lubbock, Texas 79424 806 863-3704 - Home 806 224 3947 - Cell jw.michels@gmail.com - Personal/Professional jwmichels@msn.com _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32