ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
Reply to topic
Infected files: 4 Total errors: 2 Not copied: 4
cleroy61


Joined: 27 Sep 2014
Posts: 13
Location: France - Normandie
Reply with quote
Hi everyone,

I'm writing you because I have got this issue every day on my computer !

Every day I have got the same viruses that I have deleted but they reappear next day, every day with the same report !!

Can you give me some explanations, please ?

release 0.99.1 on Win 7

Code:
WARNING: Can't open file C:\Users\hp\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

WARNING: Can't open file C:\Users\hp\ntuser.dat.LOG1: Permission denied

WARNING: Can't open file C:\Windows\MEMORY.DMP: Permission denied

WARNING: Can't open file C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config: Permission denied

WARNING: Can't open file C:\Windows\Panther\UnattendGC\diagerr.xml: Permission denied

WARNING: Can't open file C:\Windows\Panther\UnattendGC\diagwrn.xml: Permission denied

WARNING: Can't open file C:\Windows\PLA\System\System Diagnostics.xml: Permission denied

WARNING: Can't open file C:\Windows\PLA\System\System Performance.xml: Permission denied

WARNING: Can't open file C:\Windows\security\database\secedit.sdb: Permission denied

WARNING: Can't open file C:\Windows\System32\catroot2\127D0A1D-4EF2-11D1-8608-00C04FC295EE\catdb: Permission denied

WARNING: Can't open file C:\Windows\System32\catroot2\F750E6C3-38EE-11D1-85E5-00C04FC295EE\catdb: Permission denied

WARNING: Can't open file C:\Windows\System32\restore\MachineGuid.txt: Permission denied

WARNING: Can't open file C:\Windows\System32\sysprep\Panther\IE\diagerr.xml: Permission denied

WARNING: Can't open file C:\Windows\System32\sysprep\Panther\IE\diagwrn.xml: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\01D083B8F092E9FEF6D9C55A64A75334.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\0CB6D8EA6179D949B588A4D328F2A1D5.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\341285245F81AA74FE6654017E06C685.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\36AC724DE559C5D39EB46462A440D4E5.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\4A870B469F34065CA18AB1FDF6312BDF.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\4BE9D6CB921FE137B78AE9960CDD98B0.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\5774C77265BE4C55B5C6C9718979E015.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\5AE917280E947651A324A3BB4D162227.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\6F8564A71977AE6B940705DCC4847A8D.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\75054C3771DF289038069A9BB1C1FB6E.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\807DD20ADF6F5D5EEA0C4E4CF016E69E.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\844A429FB6680A32838047A6271F8CD9.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\93BE9B2D6163316A39F5D9F7DCF57A26.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\97823DC673AD0F92AB9B83F4C177678B.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\BBF206490BAA431B592F9A13534F43F6.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\D361F8B496FD6DAF7BEEF497E09C0DC1.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\D646DA2E24852AB49017D421DF4AB456.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\DFB9AD54AC2D3B8122567AAD3BF3EB7F.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\E9D8A460B2C986DD5FF19F299F4A27EC.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\EDB534A0AD75CF6CD3441C25046B8E9A.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\F1326650D965B0087F10C6AA6C049D46.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\wbem\AutoRecover\F5E2A66F8CD81F282CEFFB9E8125CC6F.mof: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Application.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\HardwareEvents.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Internet Explorer.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Key Management Service.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Media Center.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application Server-Applications%4Admin.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application Server-Applications%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Problem-Steps-Recorder.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Assistant.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Troubleshooter.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Inventory.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Telemetry.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4CaptureMonitor.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Backup.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-CAPI2%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Compat-Appraiser%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Dhcp-Client%4Admin.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Dhcpv6-Client%4Admin.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scheduled%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scripted%4Admin.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scripted%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Fault-Tolerant-Heap%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-GWX-Ins%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Help%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-HomeGroup Control Panel%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-HomeGroup Provider Service%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-EventTracing%4Admin.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-Power%4Thermal-Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-StoreMgr%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WDI%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA%4Errors.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Known Folders API Service.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Admin.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-NCSI%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4WHC.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkLocationWizard%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkProfile%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-NlaSvc%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-PrintService%4Admin.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Recovery%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteApp and Desktop Connections%4Admin.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteApp and Desktop Connections%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteAssistance%4Admin.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteAssistance%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\microsoft-windows-RemoteDesktopServices-RemoteDesktopSessionManager%4Admin.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-ClientUSBDevices%4Admin.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-ClientUSBDevices%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Admin.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-RDPClient%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Admin.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-User Profile Service%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-WER-Diag%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Defender%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Defender%4WHC.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4ConnectionSecurity.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4Firewall.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsBackup%4ActionCenter.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsSystemAssessmentTool%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winlogon%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Microsoft-Windows-WPD-MTPClassDriver%4Operational.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Reason.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Security.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Setup.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\System.evtx: Permission denied

WARNING: Can't open file C:\Windows\System32\winevt\Logs\Windows PowerShell.evtx: Permission denied

WARNING: Can't open file C:\Windows\Tasks\Adobe Flash Player Updater.job: Permission denied

WARNING: Can't open file C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job: Permission denied

WARNING: Can't open file C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job: Permission denied

WARNING: Can't open file C:\Windows\Tasks\Norton Security Scan for hp.job: Permission denied

WARNING: Can't open file C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.1.7600.16385_none_d104e6cf97534cc4\dnary.xsd: Permission denied

WARNING: Can't open file C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.1.7601.17514_none_d335fa979441d05e\dnary.xsd: Permission denied



----------- SCAN SUMMARY -----------

Known viruses: 4632968

Engine version: 0.99.1

Scanned directories: 23136

Scanned files: 149644

Infected files: 4



Total errors: 2

Not copied: 4

Data scanned: 23073.84 MB

Data read: 31615.03 MB (ratio 0.73:1)

Time: 6972.340 sec (116 m 12 s)



The following files are Digitally Signed by Microsoft Corporation and may have been incorrectly detected as viruses:

C:\SWSetup\sp54099\Vista\RtkNGUI.exe: [Win.Worm.Runouce-381] FALSE POSITIVE FOUND

C:\SWSetup\sp54816\Graphics\igdumdx32.dll: [Win.Trojan.Ramnit-7000] FALSE POSITIVE FOUND

C:\Windows\System32\DriverStore\FileRepository\hdabpcas.inf_x86_neutral_65d28dc4370249ee\RtkNGUI.exe: [Win.Worm.Runouce-381] FALSE POSITIVE FOUND

C:\Windows\System32\DriverStore\FileRepository\hdahpbpc.inf_x86_neutral_29f9db11cf35df45\RtkNGUI.exe: [Win.Worm.Runouce-381] FALSE POSITIVE FOUND

C:\Windows\System32\DriverStore\FileRepository\kit38939.inf_x86_neutral_23ecc18cff72278a\igdumdx32.dll: [Win.Trojan.Ramnit-7000] FALSE POSITIVE FOUND

C:\Windows\System32\DriverStore\FileRepository\prnhp003.inf_x86_neutral_8685826a5ca37e6b\I386\hpcdmc71.dll: [Win.Trojan.Tracur-283] FALSE POSITIVE FOUND

C:\Windows\System32\DriverStore\FileRepository\prnhp005.inf_x86_neutral_9307c57b91a7985e\I386\HPCDMC71.dll: [Win.Trojan.Tracur-283] FALSE POSITIVE FOUND

C:\Windows\System32\igdumdx32.dll: [Win.Trojan.Ramnit-7000] FALSE POSITIVE FOUND

Please do not be alarmed and help us by submitting the files identified above as FALSE POSITIVE at http://www.clamav.net/sendvirus/

--------------------------------------

Completed

--------------------------------------


Thank you very much
Have a nice day
Best regards
cleroy61
View user's profileSend private message
ROCKNROLLKID


Joined: 23 Sep 2013
Posts: 562
Location: **UNKNOWN**
Reply with quote
The files flagged as infection appear to just be false positives. Please submit these files to ClamAV false positive mail so they can correct them here: http://www.clamav.net/contact

The permission denied files you can just ignore. These are just files that are locked and cannot be scanned by ClamWin. Unfortunately, there is no way to suppress these.
View user's profileSend private message
cleroy61


Joined: 27 Sep 2014
Posts: 13
Location: France - Normandie
Reply with quote
Ok thanks for answering me !

I have already sent to the support for the false positive.

I'm waiting the answer ! It is the reason why I have written here !

Thank you very much
Have a nice day
Best regards
cleroy61
View user's profileSend private message
ROCKNROLLKID


Joined: 23 Sep 2013
Posts: 562
Location: **UNKNOWN**
Reply with quote
By the way, in the log was showing your RSA encryption keys (or at least I think they were the keys as it looked very similar to an encryption key) so I removed them. I would suggest, if you still use the RSA encryption, that you might want to change your encryption key so someone doesn't compromise it.
View user's profileSend private message
GuitarBob


Joined: 09 Jul 2006
Posts: 4254
Location: USA
Reply with quote
You can usually believe it when a ClamWin scan says that a file is a false positive. The ClamWin developers decided some time ago to protect users against false positive signatures on important Windows files. If they were quarantined, you might not be able to start your computer or run important system files. ClamWin uses the Clam AV signatures designed for Linux mail servers, and Clam AV has not given much importance to false positive files since they are no problem on email servers.

That seems like a lot of permission denied files--just looking at the number of them. You might want to download a copy of Malwarebytes free antimalware version and do a scan with it just to be sure. Keep it around in case you need to clean up something later.

Thanks for using ClamWin!

Regards,
View user's profileSend private message
cleroy61


Joined: 27 Sep 2014
Posts: 13
Location: France - Normandie
Reply with quote
Thank you very much for your answers !

Have a nice day
Best regards
cleroy61
View user's profileSend private message
Infected files: 4 Total errors: 2 Not copied: 4
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Reply to topic