Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help 13 Viruses


  • Please log in to reply
7 replies to this topic

#1 Noss

Noss

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:05 PM

Posted 20 September 2007 - 12:18 AM

Hi. You guys helped me a while ago with smitfraud and here to ask for another problem. I never had a really good anti virus so when I bought Bit defender I was aghast to find that 13 unmovable viruses where on my comp. I tried running safemod and then bit defnder but it didn't work. these are the virsues from the deep scan report. Any help would be appriciated. :thumbsup:


//-----------------------------------------------------------------
//
// Product BitDefender Antivirus v10
// Product 10.2
//
// Created on: 19/09/2007 12:23:24
//
//-----------------------------------------------------------------


Virus Statistics

Scan path : A:\
C:\
D:\
E:\
Folders : 6603
Files : 250928
Memory processes scanned : 38
Archives : 3445
Runtime packers : 7883
Identified viruses : 13
Infected files : 25
Memory processes infected : 0
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 0
Moved files : 0
I/O errors : 29
Scan time : 01:49:11
Scan speed (files/sec) : 38

Spyware Statistics

Registry keys scanned : 1953
Registry keys infected : 0
Cookies scanned : 83
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 0


Virus definitions : 893954
Scan plugins : 16
Archive plugins : 41
Unpack plugins : 7
Mail plugins : 6
System plugins : 5

Virus scan options

Detection
[X] Scan boot sectors
[X] Memory Processes
[X] Scan archives
[X] Scan runtime packers
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user

Virus scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1190229804.log

Spyware scan options

[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies


Summary:

C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0001 Detected: Adware.Urlspy.C
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0001 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0001 Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0002 Infected: Trojan.Downloader.Mendwar.B
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0002 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0002 Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0003 Detected: Application.Adsincontext.C
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0003 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0003 Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0004 Infected: Trojan.Downloader.Agent.EC
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0004 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0004 Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx r)=>DnldStub.exe Infected: Trojan.Downloader.Small.KL
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx r)=>DnldStub.exe Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx r)=>DnldStub.exe Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 2r) Infected: Trojan.Whenu.A
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 2r) Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 2r) Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 3r)=>Search.exe Detected: Adware.Savenow.E
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 3r)=>Search.exe Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 3r)=>Search.exe Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 3r)=>Uninst.exe Detected: Adware.Whenu.Savenow.AO
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 3r)=>Uninst.exe Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 3r)=>Uninst.exe Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 4r)=>search.cab=>index.htm Detected: Adware.Savenow.DB
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 4r)=>search.cab=>index.htm Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 4r)=>search.cab=>index.htm Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0006 Detected: Application.Ezula.AI
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0006 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0006 Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0007 Detected: Adware.ApropoAd.A
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0007 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0007 Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0008 Infected: Trojan.Qhost.AP
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0008 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0008 Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0001 Detected: Adware.Urlspy.C
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0001 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0001 Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0002 Infected: Trojan.Downloader.Mendwar.B
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0002 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0002 Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0003 Detected: Application.Adsincontext.C
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0003 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0003 Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0004 Infected: Trojan.Downloader.Agent.EC
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0004 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0004 Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx r)=>DnldStub.exe Infected: Trojan.Downloader.Small.KL
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx r)=>DnldStub.exe Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx r)=>DnldStub.exe Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 2r) Infected: Trojan.Whenu.A
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 2r) Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 2r) Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 3r)=>Search.exe Detected: Adware.Savenow.E
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 3r)=>Search.exe Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 3r)=>Search.exe Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 3r)=>Uninst.exe Detected: Adware.Whenu.Savenow.AO
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 3r)=>Uninst.exe Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 3r)=>Uninst.exe Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 4r)=>search.cab=>index.htm Detected: Adware.Savenow.DB
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 4r)=>search.cab=>index.htm Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0005=>(CAB Sfx 4r)=>search.cab=>index.htm Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0006 Detected: Application.Ezula.AI
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0006 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0006 Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0007 Detected: Adware.ApropoAd.A
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0007 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0007 Move failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0008 Infected: Trojan.Qhost.AP
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0008 Disinfection failed
C:\Documents and Settings\Default User\dangerous do not open virus\Data\Data\all_files4.exe=>(NSIS o)=>zlib_nsis0008 Move failed
C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP763\A0391256.EXE=>wise0012 Detected: Adware.Gamespyarcade.F
C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP763\A0391256.EXE=>wise0012 Disinfection failed
C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP763\A0391256.EXE=>wise0012 Move failed

BC AdBot (Login to Remove)

 


#2 oldf@rt

oldf@rt

  • Members
  • 2,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Avondale, Arizona USA
  • Local time:05:05 PM

Posted 20 September 2007 - 01:46 AM

Try the scan with bitdefender again, only you need to set the actions to: 1st Disinfect, second action to delete. Let us know your results, please.
The name says it all -- 59 and holding permanently

**WARNING** Links I provide might cause brain damage

#3 jeksenly

jeksenly

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:05 AM

Posted 20 September 2007 - 01:54 AM

... Remove all_files4.exe in safe mode.. :thumbsup:

#4 Noss

Noss
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:05 PM

Posted 21 September 2007 - 02:33 AM

it did not work. it just said archived action failed. so nothing was deleted. Can i remove these things in safe mode? is that ...safe? When i first found the file bit defender protected me as all 13 warning and "you are protected" labels shot up. Now i just want to rid myself of them. So is deletion in safe mode the answer?

#5 oldf@rt

oldf@rt

  • Members
  • 2,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Avondale, Arizona USA
  • Local time:05:05 PM

Posted 21 September 2007 - 02:47 AM

Try safe mode next. Once you have the files viruses deleted, turn off system restore, restart your machine and then turn on system restore. You should now have a clean restore point.
The name says it all -- 59 and holding permanently

**WARNING** Links I provide might cause brain damage

#6 Noss

Noss
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:05 PM

Posted 23 September 2007 - 12:07 AM

so when i go into safe mode I can not find the folder. I go to documents and settings and the folder default user that these demons are in is not there. it is kind of see through so think it is hidden. I go out of safe mode and move it to my desk top, all the virus warning go up, protected protected as per usual, but back into safe mode it is not there. So any more suggestions?

#7 Noss

Noss
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:05 PM

Posted 23 September 2007 - 12:48 AM

nvm, figured out how to delete them. Further I turned system ristore off in safe mode, then turned my comp off turned it on and turned it back on it in regular mode. Running bit defneer now ty guys.

#8 oldf@rt

oldf@rt

  • Members
  • 2,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Avondale, Arizona USA
  • Local time:05:05 PM

Posted 23 September 2007 - 12:56 AM

Good to hear, all the saved in system restore viruses are gone.
The name says it all -- 59 and holding permanently

**WARNING** Links I provide might cause brain damage




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users