False Positive Chernobyl?

I scanned one of my PCs with Antivir and Kaspersky's online scanner and they detected the W95/CIH virus in two EXE files in a Canon printer driver folder (within the main WINDOWS folder). The message box said the virus signature was "inactive". The files are dated back from 2001 when I first installed the printer. Is this a valid virus detection?

http://www.symantec.com/security_response/writeup.jsp?docid=2000-122010-2655-99

 

I would try to send files on virustotal.com. See what other products say about them.

 

Perhaps some benign Chernobyl remnants?

 

most likely a false positive,

dr.web and panda (only 2 i tried) both found dell printer drivers as w32 virus, sent to dr.web and they said it was a FP. (still to this day, dont know if panda fixed this one)

 

my bet is an incomplete repair, which is quite common for cih (chernobyl) infected files.

hard to find out exactly without the files.

 

I don't use that printer anymore so I went ahead and just quarantined the two items. They appear to be from a particular company that placed their software along with the other Canon printer files. I guess I can also send them to other online scanners to see what they say. Thanks.