[clamav-users] How to clean infection by Docx.Exploit.CVE_2015_1770
G.W. Haywood
clamav at jubileegroup.co.uk
Wed Jul 22 16:45:06 UTC 2015
Hi there,
On Wed, 22 Jul 2015, JD Ackle wrote:
> I would like to know how can I remove Docx.Exploit.CVE_2015_1770
> from Windows/System32/config/SOFTWARE
As others have said, you might have found a false positive. You need to
find out if that is the case or not before you do anything else.
If it is not a false positive but a real infection, then the ClamAV
users' mailing list cannot really help you with your question.
ClamAV tells you if it thinks that it has found something. It is up to
you to decide what to do about it. You *can* choose to delete files if
they are flagged by ClamAV, but in general that is not recommended; and
as /Windows/System32/config/SOFTWARE is one of Windows' registry files,
it will certainly damage your Windows installation if you delete it.
There are many Internet help sites and similar which can help you with
your question.
Reading the rest of your message tells me that you need something. :)
For self-help I personally recommend MalwareBytes Anti-Malware (MBAM).
If you download it, be careful where you get it from. Some Websites
have been seen to include malicious software with the download.
--
73,
Ged.
More information about the clamav-users
mailing list