Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Woah there... I scan my computer everyday and I'm infected?


  • Please log in to reply
5 replies to this topic

#1 Sahqon

Sahqon

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 12 December 2015 - 02:33 PM

I downloaded this clamwin thing when my friend used it because her computer was infected or something. My computer doesn't really run slow, but I did a full system scan seeing as it couldn't hurt... this thing finds 340 viruses or errors. I guess I should buy another PC? If this thing isn't treatable I dont like having an infected pc  that I cannot do anything with as I am a writer and I have valuable things on my system.

 

Here are the things I've picked up. None of these are files I'd even think about opening... If this computer is truly infected they've picked one of the best targets as I am a game developer that can spread their filth to thousands.

 

Edit: The reason I'm not *panicking* I'm skeptical is that clamwin is the only thing that's picking up this thing. Either this thing is really good or there are alot of false positives here. My computer is not showing any signs of going wild. I open many .exes everyday  and they're not showing up in the scan logs. None of my sensitive files are. Just Mahjong and Raidcall... neither of the files I use. I did install raidcall and I'm sure mahjong came with my computer... eh, I dont even know.

 

Edit 2: I'm usually tired/ multitasking most of the time. I apologize for the random flubs in syntax of my sentences.

 

C:\Documents and Settings\All Users\.clamwin\quarantine\0X1000~1.INF.infected.000.infected: AT-144.D FOUND
C:\Documents and Settings\All Users\.clamwin\quarantine\0X1000~1.INF.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000'
C:\Documents and Settings\All Users\.clamwin\quarantine\0X1000~2.INF.infected.000.infected: AT-144.D FOUND
C:\Documents and Settings\All Users\.clamwin\quarantine\0X1000~2.INF.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000'
C:\Documents and Settings\All Users\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected: Win.Worm.Chir-1939 FOUND
C:\Documents and Settings\All Users\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000'
C:\Documents and Settings\All Users\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected: Win.Worm.Chir-2585 FOUND
C:\Documents and Settings\All Users\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000'
C:\Documents and Settings\All Users\.clamwin\quarantine\INPITC~1.INF.infected.000.infected: Win.Worm.Warezov-216 FOUND
C:\Documents and Settings\All Users\.clamwin\quarantine\INPITC~1.INF.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000'
C:\Documents and Settings\All Users\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000'
C:\Documents and Settings\All Users\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000'
C:\Documents and Settings\All Users\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected: Win.Worm.Agent-7500 FOUND
C:\Documents and Settings\All Users\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000'
C:\Documents and Settings\All Users\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected: SWF.Exploit.Kit-331 FOUND
C:\Documents and Settings\All Users\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000'
C:\Documents and Settings\All Users\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected: Win32.Exploit.CVE_2015_2525 FOUND
C:\Documents and Settings\All Users\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000: Win.Worm.Chir-1939 FOUND
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000: Win.Worm.Chir-2585 FOUND
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000: Win.Worm.Warezov-216 FOUND
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000: Win.Worm.Agent-7500 FOUND
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000: SWF.Exploit.Kit-331 FOUND
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000: Win32.Exploit.CVE_2015_2525 FOUND
C:\Documents and Settings\All Users\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected: Win.Worm.Chir-1939 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected: Win.Worm.Chir-2585 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected: Win.Worm.Warezov-216 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected: Win.Worm.Agent-7500 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected: SWF.Exploit.Kit-331 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected: Win32.Exploit.CVE_2015_2525 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000: Win.Worm.Chir-1939 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000: Win.Worm.Chir-2585 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000: Win.Worm.Warezov-216 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000: Win.Worm.Agent-7500 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000: SWF.Exploit.Kit-331 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000: Win32.Exploit.CVE_2015_2525 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000.infected: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000.infected: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000.infected: Win.Worm.Chir-1939 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000.infected: Win.Worm.Chir-2585 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000.infected: Win.Worm.Warezov-216 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000.infected: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000.infected: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000.infected: Win.Worm.Agent-7500 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000.infected: SWF.Exploit.Kit-331 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000.infected: Win32.Exploit.CVE_2015_2525 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000.infected.000: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000.infected.000: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000.infected.000: Win.Worm.Chir-1939 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000.infected.000: Win.Worm.Chir-2585 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000.infected.000: Win.Worm.Warezov-216 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000.infected.000: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000.infected.000: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000.infected.000: Win.Worm.Agent-7500 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000.infected.000: SWF.Exploit.Kit-331 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000.infected.000: Win32.Exploit.CVE_2015_2525 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000.infected.000.infected: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000.infected.000.infected: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Win.Worm.Chir-1939 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Win.Worm.Chir-2585 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Win.Worm.Warezov-216 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000.infected.000.infected: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Win.Worm.Agent-7500 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000.infected.000.infected: SWF.Exploit.Kit-331 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000.infected.000.infected: Win32.Exploit.CVE_2015_2525 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000.infected.000.infected: moved to 'C:\ProgramData\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000.infected.000.infected.000: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~2.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: Win.Worm.Chir-1939 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: Win.Worm.Chir-2585 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: Win.Worm.Warezov-216 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\INPITC~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000.infected.000.infected.000: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: Win.Worm.Agent-7500 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: SWF.Exploit.Kit-331 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: Win32.Exploit.CVE_2015_2525 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected.000.infected.000.infected.000.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~1.INF.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~2.INF.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF: Win.Worm.Chir-1939 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVEG~1.INF.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF: Win.Worm.Chir-2585 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVER~1.INF.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF: Win.Worm.Warezov-216 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF: moved to 'C:\ProgramData\.clamwin\quarantine\INPITC~1.INF.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~1.INF.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~2.INF.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF: Win.Worm.Agent-7500 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF: moved to 'C:\ProgramData\.clamwin\quarantine\MAHJON~1.INF.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF: SWF.Exploit.Kit-331 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF: moved to 'C:\ProgramData\.clamwin\quarantine\RAIDCA~1.INF.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF: Win32.Exploit.CVE_2015_2525 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF: moved to 'C:\ProgramData\.clamwin\quarantine\UPDATE~1.INF.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~1.INF.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~2.INF.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected: Win.Worm.Chir-1939 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVEG~1.INF.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected: Win.Worm.Chir-2585 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVER~1.INF.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected: Win.Worm.Warezov-216 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected: moved to 'C:\ProgramData\.clamwin\quarantine\INPITC~1.INF.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~1.INF.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~2.INF.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected: Win.Worm.Agent-7500 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected: moved to 'C:\ProgramData\.clamwin\quarantine\MAHJON~1.INF.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected: SWF.Exploit.Kit-331 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected: moved to 'C:\ProgramData\.clamwin\quarantine\RAIDCA~1.INF.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected: Win32.Exploit.CVE_2015_2525 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected: moved to 'C:\ProgramData\.clamwin\quarantine\UPDATE~1.INF.infected.000'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~1.INF.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~1.INF.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000: AT-144.D FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\0X1000~2.INF.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\0X1000~2.INF.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000: Win.Worm.Chir-1939 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVEG~1.INF.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVEG~1.INF.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000: Win.Worm.Chir-2585 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\DRIVER~1.INF.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\DRIVER~1.INF.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000: Win.Worm.Warezov-216 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\INPITC~1.INF.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\INPITC~1.INF.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~1.INF.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~1.INF.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000: Win.Trojan.Ramnit-6240 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\LIBMP3~2.INF.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\LIBMP3~2.INF.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000: Win.Worm.Agent-7500 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\MAHJON~1.INF.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\MAHJON~1.INF.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000: SWF.Exploit.Kit-331 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\RAIDCA~1.INF.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\RAIDCA~1.INF.infected.000.infected'
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000: Win32.Exploit.CVE_2015_2525 FOUND
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\.clamwin\quarantine\UPDATE~1.INF.infected.000: moved to 'C:\ProgramData\.clamwin\quarantine\UPDATE~1.INF.infected.000.infected'

Edited by Sahqon, 12 December 2015 - 06:22 PM.


BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,646 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:03:19 PM

Posted 12 December 2015 - 03:47 PM

 I wouldnt recommend it as a primary AV. Why? because it dosnt offer real time protection by running in the background. A scan must be started manually or be scheduled. It also has a poorer than average detection rate as well as higher than avg false positives.

Do you have another updated AV installed on the machine?


How Can I Reduce My Risk to Malware?


#3 Sahqon

Sahqon
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 12 December 2015 - 04:10 PM

I use pandacloud and things like Superantispyware, malwarebytes, and that's about it. I dont usually make it a habit of downloading things I dont supposed to or using shady/pirated programs so I never really felt the need for one. Usually anything I open is scanned by virustotal before I do so.  

 

I do system scans while I sleep and this is the first time anything picked up something besides adware. I feel like it's something clamwin exclusive, but I also feel like I shouldn't ignore serious accusations by this thing like having worms and a Trojan Ramnit. So, I'm here for professional opinions and if I am truly infected treatment options. If I have to reformat I'm most likely just going to scrap this computer and buy another.



#4 shelf life

shelf life

  • Malware Response Team
  • 2,646 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:03:19 PM

Posted 12 December 2015 - 05:25 PM

I would randomly upload a few of the files to Jotti or Virustotal. If they come back clean and PandaCloud is clean then I would say they are false positives. Just for your information, one way to get real time protection with ClamWin is to install Clam Sentinel. It will monitor any file changes in real time then have ClamWin scan them.

Still cant really recommend ClamAV on Windows, your better off with PandaCloud.


How Can I Reduce My Risk to Malware?


#5 Sahqon

Sahqon
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 12 December 2015 - 06:04 PM

I scanned my cloud cleaner and even went as far as to scan random files clamwin picked as viruses. They're all appearing as clean to virustotal.

 

I then took it to scan the "infected" Ramnit file. Squeaky clean except for clamwin. If this file is infected I would think more than one antivirus would pick it up.

https://www.virustotal.com/en/file/cff6517d80232b001b30c8b720e45f32d0000278d2b859a99d7e2e6edc281bfa/analysis/1449961338/



#6 shelf life

shelf life

  • Malware Response Team
  • 2,646 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:03:19 PM

Posted 12 December 2015 - 08:34 PM

 

If this file is infected I would think more than one antivirus would pick it up.

I think your right. False positive.


How Can I Reduce My Risk to Malware?





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users