jw.michels at gmail
May 1, 2009, 2:38 PM
Post #2 of 2
Re: How do I return these files to their original names and folders
[In reply to]
Thanks for responding.
I've found most of these same files on my laptop. They are located in
and in: \System Volume
Installer (as are the others) is a hidden file, I found it and opened it
with "Everything" search on my laptop. Windows search will not locate the
file. Each of the files in quarantine on my desktop is located on my laptop
as well (less the ".infected" addition.) So I am pretty certain they are not
viruses or trojans. I can also find the path and the folder on the laptop
but am unable to get the hidden folders on my desktop to open. Even when I
clik "show hidden folders" the Installer and $patchcache$ folders are not
I downloaded my version of Clamwin from the Clamwin website. It ran fine
until the April 27 (approx) update.
I run Windows firewall, Sygate personal firewall, spyware blaster, ccleaner,
advanced systems care, AVG free and Clamwin antivirus. I have had this
combination for several years now.
On Fri, May 1, 2009 at 3:58 PM, Tom Metro
<tmetro+clamwin32 [at] gmail<tmetro%2Bclamwin32 [at] gmail>
> J.W. Michels wrote:
> > After a recent virus scan (Clamwin) I discovered that several programs
> > no longer working properly.
> > I need to know if these are "false positives"
> The main ClamAV-users list is a better place to ask that.
> You'll want to post more than just the file list. You should dig up the
> report indicating what was found in those files, or rescan them.
> > ...and if they are how do I return them to their original file name
> > and location?
> > EXCEL.EXE.infected
> > EXCEL.EXE.infected.000.infected
> It appears the infected files are being renamed (they may have been
> moved and/or permissions altered as well). As far as I know, that isn't
> something the official win32 port of ClamAV does, so you are likely
> using a third party port of ClamAV and/or some other tool that
> incorporates ClamAV. The organization that produced the software ought
> to be able to tell you how to reverse the quarantine process.
> Tom Metro
> Venture Logic, Newton, MA, USA
> "Enterprise solutions through open source."
> Professional Profile: http://tmetro.venturelogic.com/
This e-mail transmission may contain information that is proprietary,
privileged and/or confidential and is intended exclusively for the person(s)
to whom it is addressed. Any use, copying, retention or disclosure by any
person other than the intended recipient or the intended recipient's
designees is strictly prohibited. If you have received this message in
error, please notify the sender immediately by return e-mail and delete all
5752 150th St.
Lubbock, Texas 79424
806 863-3704 - Home
806 224 3947 - Cell
jw.michels [at] gmail - Personal/Professional
jwmichels [at] msn