I just got back online after being forced to sleep (oh the joys) to find a report waiting for me, from the gateway. It would appear that ClamWin has developed the same F/P that many other AV's seem to have experienced.
In this case, ClamWin detected wextract.exe, the Win32 Cabinet Self Extractor file, as Worm.Waledac-2299 in the following directories;
%SystemRoot%\ServicePackFiles\i386
%SystemRoot%\System32
This file is not critical to Windows, so this F/P unlike the previous one's, won't cripple the system. You can either ignore it if you don't need this file, or restore it either from the Windows CD, or from the ClamWin quarantine.
/edit 04-05-2009
Just an addendum, this has now been mentioned over at the ClamWin forums.
http://forums.clamwin.com/viewtopic.php?t=2302
Sunday, 3 May 2009
Subscribe to:
Post Comments (Atom)
1 comment:
It would be more correct to say ClamAV went bonkers :)
ClamWin guys only handle the Windows version, all the defs come from ClamAV. Since ClamAV is not Windows app itself, these things unfortunately happen (I dunno how much they test their defs on Windows before releasing)
-lordpake
Post a Comment