Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Im Infected, But I Cant Disinfect Them Or Move Them


  • Please log in to reply
7 replies to this topic

#1 koreainhyuk

koreainhyuk

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 25 October 2006 - 05:16 PM

Im BitDefenender 9 user
I was infected from MSN messenger. (filename:photo656.pif)
iwas able to fix few of them but im still infected by several adwarr,trojan etc.,
and after scanning them, i cant disinfect them or move them into quarantine folder!!!

Please help...
this is my Bitdefender9 log


//-----------------------------------------------------------------
//
// Product: BitDefender 9 Professional Plus
// Version: 9.5
//
// Created on: 25/10/2006 22:27:23
//
//-----------------------------------------------------------------


Statistics

Scan path : C:\
D:\
Folders : 11363
Files : 1043081
Archives : 7475
Packed files : 120944
Identified viruses : 24
Infected files : 68
Warnings : 0
Suspect files : 0
Disinfected files : 0
Deleted files : 1
Copied files : 0
Moved files : 20
Renamed files : 0
I/O errors : 101
Scan time : 03:06:34
Scan speed (files/sec) : 93

Spyware Statistics

Memory processes scanned : 17
Memory processes infected : 0
Registry keys scanned : 1886
Registry keys infected : 1
Cookies scanned : 261
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 1


Virus definitions : 506917
Scan plugins : 15
Archive plugins : 41
Unpack plugins : 6
Mail plugins : 6
System plugins : 5

Scan options

Detection
[X] Scan boot sectors
[X] Scan archives
[X] Scan packed files
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[ ] Copy to quarantine
[X] Move to quarantine
[ ] Rename
[ ] Prompt user

Scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Program Files\Softwin\BitDefender9\Logs\vscan_1161779243.log

Spyware scan options

[X] Memory Processes
[X] Registry keys
[X] Cookies


Summary:

<System>=>HKEY_CLASSES_ROOT\MEZZIACODEC.CHL Detected: Trojan.Nebuler-G
<System>=>HKEY_CLASSES_ROOT\MEZZIACODEC.CHL Deleted
<System> Update failed
C:\Documents and Settings\ChunJe\Desktop\one.exe=>(NSIS o)=>lzma_solid_nsis0003 Detected: Adware.ToolBar888.B
C:\Documents and Settings\ChunJe\Desktop\one.exe=>(NSIS o)=>lzma_solid_nsis0003 Disinfection failed
C:\Documents and Settings\ChunJe\Desktop\one.exe=>(NSIS o)=>lzma_solid_nsis0003 Move failed
C:\Documents and Settings\ChunJe\Desktop\one.exe=>(NSIS o)=>lzma_solid_nsis0004 Detected: Adware.Softomate.S
C:\Documents and Settings\ChunJe\Desktop\one.exe=>(NSIS o)=>lzma_solid_nsis0004 Disinfection failed
C:\Documents and Settings\ChunJe\Desktop\one.exe=>(NSIS o)=>lzma_solid_nsis0004 Move failed
C:\Documents and Settings\ChunJe\Desktop\one.exe=>(NSIS o)=>lzma_solid_nsis0005 Detected: Adware.ToolBar888.B
C:\Documents and Settings\ChunJe\Desktop\one.exe=>(NSIS o)=>lzma_solid_nsis0005 Disinfection failed
C:\Documents and Settings\ChunJe\Desktop\one.exe=>(NSIS o)=>lzma_solid_nsis0005 Move failed
C:\Documents and Settings\ChunJe\Desktop\one.exe=>(NSIS o)=>lzma_solid_nsis0006 Detected: Adware.ToolBar888.B
C:\Documents and Settings\ChunJe\Desktop\one.exe=>(NSIS o)=>lzma_solid_nsis0006 Disinfection failed
C:\Documents and Settings\ChunJe\Desktop\one.exe=>(NSIS o)=>lzma_solid_nsis0006 Move failed
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\0HO1MJOH\install[1].exe=>(NSIS o)=>lzma_solid_nsis0003 Detected: Adware.ToolBar888.B
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\0HO1MJOH\install[1].exe=>(NSIS o)=>lzma_solid_nsis0003 Disinfection failed
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\0HO1MJOH\install[1].exe=>(NSIS o)=>lzma_solid_nsis0003 Move failed
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\0HO1MJOH\install[1].exe=>(NSIS o)=>lzma_solid_nsis0004 Detected: Adware.Softomate.S
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\0HO1MJOH\install[1].exe=>(NSIS o)=>lzma_solid_nsis0004 Disinfection failed
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\0HO1MJOH\install[1].exe=>(NSIS o)=>lzma_solid_nsis0004 Move failed
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\0HO1MJOH\install[1].exe=>(NSIS o)=>lzma_solid_nsis0005 Detected: Adware.ToolBar888.B
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\0HO1MJOH\install[1].exe=>(NSIS o)=>lzma_solid_nsis0005 Disinfection failed
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\0HO1MJOH\install[1].exe=>(NSIS o)=>lzma_solid_nsis0005 Move failed
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\0HO1MJOH\install[1].exe=>(NSIS o)=>lzma_solid_nsis0006 Detected: Adware.ToolBar888.B
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\0HO1MJOH\install[1].exe=>(NSIS o)=>lzma_solid_nsis0006 Disinfection failed
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\0HO1MJOH\install[1].exe=>(NSIS o)=>lzma_solid_nsis0006 Move failed
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\SNNNIG5D\deskbar_e[1].exe=>(ZIP Sfx o)=>deskbar.exe=>(NSIS o)=>lzma_solid_nsis0004 Detected: Application.Adware.Softomate.R
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\SNNNIG5D\deskbar_e[1].exe=>(ZIP Sfx o)=>deskbar.exe=>(NSIS o)=>lzma_solid_nsis0004 Disinfection failed
C:\Documents and Settings\ChunJe\Local Settings\Temporary Internet Files\Content.IE5\SNNNIG5D\deskbar_e[1].exe=>(ZIP Sfx o)=>deskbar.exe=>(NSIS o)=>lzma_solid_nsis0004 Move failed
C:\Documents and Settings\ChunJe\one.exe=>(NSIS o)=>lzma_solid_nsis0003 Detected: Adware.ToolBar888.B
C:\Documents and Settings\ChunJe\one.exe=>(NSIS o)=>lzma_solid_nsis0003 Disinfection failed
C:\Documents and Settings\ChunJe\one.exe=>(NSIS o)=>lzma_solid_nsis0003 Move failed
C:\Documents and Settings\ChunJe\one.exe=>(NSIS o)=>lzma_solid_nsis0004 Detected: Adware.Softomate.S
C:\Documents and Settings\ChunJe\one.exe=>(NSIS o)=>lzma_solid_nsis0004 Disinfection failed
C:\Documents and Settings\ChunJe\one.exe=>(NSIS o)=>lzma_solid_nsis0004 Move failed
C:\Documents and Settings\ChunJe\one.exe=>(NSIS o)=>lzma_solid_nsis0005 Detected: Adware.ToolBar888.B
C:\Documents and Settings\ChunJe\one.exe=>(NSIS o)=>lzma_solid_nsis0005 Disinfection failed
C:\Documents and Settings\ChunJe\one.exe=>(NSIS o)=>lzma_solid_nsis0005 Move failed
C:\Documents and Settings\ChunJe\one.exe=>(NSIS o)=>lzma_solid_nsis0006 Detected: Adware.ToolBar888.B
C:\Documents and Settings\ChunJe\one.exe=>(NSIS o)=>lzma_solid_nsis0006 Disinfection failed
C:\Documents and Settings\ChunJe\one.exe=>(NSIS o)=>lzma_solid_nsis0006 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Application Data\Microsoft\Messenger\koreainhyuk@hotmail.com\SharingMetadata\txskool@hotmail.com\DFSR\Installing\Msn Echo-{FC84C2C4-A949-4EF5-9AAD-1CBC2D9E0DCE}-v50.changtoexe Infected: Trojan.MSN.VB.A
C:\Documents and Settings\InHyuk\Local Settings\Application Data\Microsoft\Messenger\koreainhyuk@hotmail.com\SharingMetadata\txskool@hotmail.com\DFSR\Installing\Msn Echo-{FC84C2C4-A949-4EF5-9AAD-1CBC2D9E0DCE}-v50.changtoexe Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Application Data\Microsoft\Messenger\koreainhyuk@hotmail.com\SharingMetadata\txskool@hotmail.com\DFSR\Installing\Msn Echo-{FC84C2C4-A949-4EF5-9AAD-1CBC2D9E0DCE}-v50.changtoexe Moved
C:\Documents and Settings\InHyuk\Local Settings\Temp\b116.exe=>(NSIS o)=>lzma_solid_nsis0002 Infected: Trojan.Downloader.PurityScan.AR
C:\Documents and Settings\InHyuk\Local Settings\Temp\b116.exe=>(NSIS o)=>lzma_solid_nsis0002 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\b116.exe=>(NSIS o)=>lzma_solid_nsis0002 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\mc-110-12-0001232.exe=>(NSIS o)=>lzma_solid_nsis0003 Detected: Adware.ToolBar888.B
C:\Documents and Settings\InHyuk\Local Settings\Temp\mc-110-12-0001232.exe=>(NSIS o)=>lzma_solid_nsis0003 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\mc-110-12-0001232.exe=>(NSIS o)=>lzma_solid_nsis0003 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\mc-110-12-0001232.exe=>(NSIS o)=>lzma_solid_nsis0004 Detected: Adware.Softomate.S
C:\Documents and Settings\InHyuk\Local Settings\Temp\mc-110-12-0001232.exe=>(NSIS o)=>lzma_solid_nsis0004 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\mc-110-12-0001232.exe=>(NSIS o)=>lzma_solid_nsis0004 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\mc-110-12-0001232.exe=>(NSIS o)=>lzma_solid_nsis0005 Detected: Adware.ToolBar888.B
C:\Documents and Settings\InHyuk\Local Settings\Temp\mc-110-12-0001232.exe=>(NSIS o)=>lzma_solid_nsis0005 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\mc-110-12-0001232.exe=>(NSIS o)=>lzma_solid_nsis0005 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\mc-110-12-0001232.exe=>(NSIS o)=>lzma_solid_nsis0006 Detected: Adware.ToolBar888.B
C:\Documents and Settings\InHyuk\Local Settings\Temp\mc-110-12-0001232.exe=>(NSIS o)=>lzma_solid_nsis0006 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\mc-110-12-0001232.exe=>(NSIS o)=>lzma_solid_nsis0006 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA2.tmp.exe Infected: MemScan:Trojan.Vundo.K
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA2.tmp.exe Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA2.tmp.exe Moved
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA4.tmp.exe=>(NSIS o)=>lzma_solid_nsis0003 Detected: Adware.Mcboo.A
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA4.tmp.exe=>(NSIS o)=>lzma_solid_nsis0003 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA4.tmp.exe=>(NSIS o)=>lzma_solid_nsis0003 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA4.tmp.exe=>(NSIS o)=>lzma_solid_nsis0004 Detected: Adware.Mcboo.A
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA4.tmp.exe=>(NSIS o)=>lzma_solid_nsis0004 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA4.tmp.exe=>(NSIS o)=>lzma_solid_nsis0004 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA4.tmp.exe=>(NSIS o)=>lzma_solid_nsis0005 Detected: Adware.Toolbar888.A
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA4.tmp.exe=>(NSIS o)=>lzma_solid_nsis0005 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA4.tmp.exe=>(NSIS o)=>lzma_solid_nsis0005 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA8.tmp.exe Infected: Generic.Zlob.6F343D99
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA8.tmp.exe Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\winA8.tmp.exe Moved
C:\Documents and Settings\InHyuk\Local Settings\Temp\winAC.tmp.exe Infected: Trojan.Downloader.Purityscan.CQ
C:\Documents and Settings\InHyuk\Local Settings\Temp\winAC.tmp.exe Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temp\winAC.tmp.exe Moved
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\116[1].net=>(NSIS o)=>lzma_solid_nsis0002 Infected: Trojan.Downloader.PurityScan.AR
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\116[1].net=>(NSIS o)=>lzma_solid_nsis0002 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\116[1].net=>(NSIS o)=>lzma_solid_nsis0002 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\install[1].exe=>(NSIS o)=>lzma_solid_nsis0003 Detected: Adware.ToolBar888.B
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\install[1].exe=>(NSIS o)=>lzma_solid_nsis0003 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\install[1].exe=>(NSIS o)=>lzma_solid_nsis0003 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\install[1].exe=>(NSIS o)=>lzma_solid_nsis0004 Detected: Adware.Softomate.S
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\install[1].exe=>(NSIS o)=>lzma_solid_nsis0004 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\install[1].exe=>(NSIS o)=>lzma_solid_nsis0004 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\install[1].exe=>(NSIS o)=>lzma_solid_nsis0005 Detected: Adware.ToolBar888.B
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\install[1].exe=>(NSIS o)=>lzma_solid_nsis0005 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\install[1].exe=>(NSIS o)=>lzma_solid_nsis0005 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\install[1].exe=>(NSIS o)=>lzma_solid_nsis0006 Detected: Adware.ToolBar888.B
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\install[1].exe=>(NSIS o)=>lzma_solid_nsis0006 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\install[1].exe=>(NSIS o)=>lzma_solid_nsis0006 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\love[1].mp3 Infected: Trojan.Agent.VB.VT
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\love[1].mp3 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\CZ0L2FAR\love[1].mp3 Moved
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\drsmartload44a[1].exe Infected: Trojan.Downloader.Adload.FD
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\drsmartload44a[1].exe Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\drsmartload44a[1].exe Moved
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\install[1].exe=>(NSIS o)=>lzma_solid_nsis0003 Detected: Adware.ToolBar888.B
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\install[1].exe=>(NSIS o)=>lzma_solid_nsis0003 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\install[1].exe=>(NSIS o)=>lzma_solid_nsis0003 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\install[1].exe=>(NSIS o)=>lzma_solid_nsis0004 Detected: Adware.Softomate.S
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\install[1].exe=>(NSIS o)=>lzma_solid_nsis0004 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\install[1].exe=>(NSIS o)=>lzma_solid_nsis0004 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\install[1].exe=>(NSIS o)=>lzma_solid_nsis0005 Detected: Adware.ToolBar888.B
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\install[1].exe=>(NSIS o)=>lzma_solid_nsis0005 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\install[1].exe=>(NSIS o)=>lzma_solid_nsis0005 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\install[1].exe=>(NSIS o)=>lzma_solid_nsis0006 Detected: Adware.ToolBar888.B
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\install[1].exe=>(NSIS o)=>lzma_solid_nsis0006 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\install[1].exe=>(NSIS o)=>lzma_solid_nsis0006 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\o[1].mp3 Infected: Trojan.Flooder.VB.AE
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\o[1].mp3 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\K14DUH83\o[1].mp3 Moved
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\UPELQPQZ\deskbar_e[1].exe=>(ZIP Sfx o)=>deskbar.exe=>(NSIS o)=>lzma_solid_nsis0004 Detected: Application.Adware.Softomate.R
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\UPELQPQZ\deskbar_e[1].exe=>(ZIP Sfx o)=>deskbar.exe=>(NSIS o)=>lzma_solid_nsis0004 Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\UPELQPQZ\deskbar_e[1].exe=>(ZIP Sfx o)=>deskbar.exe=>(NSIS o)=>lzma_solid_nsis0004 Move failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\UPELQPQZ\loader[1].exe Infected: Trojan.Downloader.Adload.FC
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\UPELQPQZ\loader[1].exe Disinfection failed
C:\Documents and Settings\InHyuk\Local Settings\Temporary Internet Files\Content.IE5\UPELQPQZ\loader[1].exe Moved
C:\Program Files\GameSpy Arcade\Services\_common\PortraitLoader.dll Detected: Adware.Gamespyarcade.B
C:\Program Files\GameSpy Arcade\Services\_common\PortraitLoader.dll Disinfection failed
C:\Program Files\GameSpy Arcade\Services\_common\PortraitLoader.dll Moved
C:\Program Files\GThing\loadergthing1.7(2).exe Infected: Trojan.Packed.Cryptexe.M
C:\Program Files\GThing\loadergthing1.7(2).exe Disinfection failed
C:\Program Files\GThing\loadergthing1.7(2).exe Moved
C:\Program Files\Mozilla Firefox\speedy.exe Infected: Trojan.Agent.VB.VT
C:\Program Files\Mozilla Firefox\speedy.exe Disinfection failed
C:\Program Files\Mozilla Firefox\speedy.exe Moved
C:\Program Files\Mozilla Firefox\w.exe Infected: Trojan.Flooder.VB.AE
C:\Program Files\Mozilla Firefox\w.exe Disinfection failed
C:\Program Files\Mozilla Firefox\w.exe Moved
C:\Program Files\safe fence\Quarantine\2006년10월25일7시58분11초\WildTangent\files.zip=>C:/WINDOWS/wt/webdriver/wthost.exe Detected: Application.Low.Risk.Adware.Wildtangent.C
C:\Program Files\safe fence\Quarantine\2006년10월25일7시58분11초\WildTangent\files.zip=>C:/WINDOWS/wt/webdriver/wthost.exe Disinfection failed
C:\Program Files\safe fence\Quarantine\2006년10월25일7시58분11초\WildTangent\files.zip=>C:/WINDOWS/wt/wtupdates/wtwebdriver/files/3.3.1.001/npwthost.dll Detected: Adware.Wildtangent.B
C:\Program Files\safe fence\Quarantine\2006년10월25일7시58분11초\WildTangent\files.zip=>C:/WINDOWS/wt/wtupdates/wtwebdriver/files/3.3.1.001/npwthost.dll Disinfection failed
C:\Program Files\safe fence\Quarantine\2006년10월25일7시58분11초\WildTangent\files.zip=>C:/WINDOWS/wt/wtupdates/wtwebdriver/files/3.3.1.001/wthost.exe Detected: Application.Low.Risk.Adware.Wildtangent.C
C:\Program Files\safe fence\Quarantine\2006년10월25일7시58분11초\WildTangent\files.zip=>C:/WINDOWS/wt/wtupdates/wtwebdriver/files/3.3.1.001/wthost.exe Disinfection failed
C:\Program Files\safe fence\Quarantine\2006년10월25일7시58분11초\WildTangent\files.zip=>C:/WINDOWS/wt/wtupdates/wtwebdriver/files/3.3.1.001/wtvh.dll Detected: Application.Low.Risk.Adware.Wildtangent.A
C:\Program Files\safe fence\Quarantine\2006년10월25일7시58분11초\WildTangent\files.zip=>C:/WINDOWS/wt/wtupdates/wtwebdriver/files/3.3.1.001/wtvh.dll Disinfection failed
C:\Program Files\safe fence\Quarantine\2006년10월25일7시58분11초\WildTangent\files.zip=>C:/WINDOWS/wt/wtvh.dll Detected: Application.Low.Risk.Adware.Wildtangent.A
C:\Program Files\safe fence\Quarantine\2006년10월25일7시58분11초\WildTangent\files.zip=>C:/WINDOWS/wt/wtvh.dll Disinfection failed
C:\Program Files\safe fence\Quarantine\2006년10월25일7시58분11초\WildTangent\files.zip Moved
C:\Program Files\safe fence\Quarantine\2006년10월25일8시8분21초\WildTangent\files.zip=>C:/WINDOWS/wt/webdriver/wthost.exe Detected: Application.Low.Risk.Adware.Wildtangent.C
C:\Program Files\safe fence\Quarantine\2006년10월25일8시8분21초\WildTangent\files.zip=>C:/WINDOWS/wt/webdriver/wthost.exe Disinfection failed
C:\Program Files\safe fence\Quarantine\2006년10월25일8시8분21초\WildTangent\files.zip=>C:/WINDOWS/wt/wtupdates/wtwebdriver/files/3.3.1.001/npwthost.dll Detected: Adware.Wildtangent.B
C:\Program Files\safe fence\Quarantine\2006년10월25일8시8분21초\WildTangent\files.zip=>C:/WINDOWS/wt/wtupdates/wtwebdriver/files/3.3.1.001/npwthost.dll Disinfection failed
C:\Program Files\safe fence\Quarantine\2006년10월25일8시8분21초\WildTangent\files.zip=>C:/WINDOWS/wt/wtupdates/wtwebdriver/files/3.3.1.001/wthost.exe Detected: Application.Low.Risk.Adware.Wildtangent.C
C:\Program Files\safe fence\Quarantine\2006년10월25일8시8분21초\WildTangent\files.zip=>C:/WINDOWS/wt/wtupdates/wtwebdriver/files/3.3.1.001/wthost.exe Disinfection failed
C:\Program Files\safe fence\Quarantine\2006년10월25일8시8분21초\WildTangent\files.zip=>C:/WINDOWS/wt/wtupdates/wtwebdriver/files/3.3.1.001/wtvh.dll Detected: Application.Low.Risk.Adware.Wildtangent.A
C:\Program Files\safe fence\Quarantine\2006년10월25일8시8분21초\WildTangent\files.zip=>C:/WINDOWS/wt/wtupdates/wtwebdriver/files/3.3.1.001/wtvh.dll Disinfection failed
C:\Program Files\safe fence\Quarantine\2006년10월25일8시8분21초\WildTangent\files.zip=>C:/WINDOWS/wt/wtvh.dll Detected: Application.Low.Risk.Adware.Wildtangent.A
C:\Program Files\safe fence\Quarantine\2006년10월25일8시8분21초\WildTangent\files.zip=>C:/WINDOWS/wt/wtvh.dll Disinfection failed
C:\Program Files\safe fence\Quarantine\2006년10월25일8시8분21초\WildTangent\files.zip Moved
C:\Program Files\Softwin\BitDefender9\Quarantine\khrwbrkr.dll Infected: Trojan.Candebe.CZ
C:\Program Files\Softwin\BitDefender9\Quarantine\khrwbrkr.dll Disinfection failed
C:\Program Files\Softwin\BitDefender9\Quarantine\khrwbrkr.dll Move failed
C:\WINDOWS\system32\one.exe=>(NSIS o)=>lzma_solid_nsis0003 Detected: Adware.ToolBar888.B
C:\WINDOWS\system32\one.exe=>(NSIS o)=>lzma_solid_nsis0003 Disinfection failed
C:\WINDOWS\system32\one.exe=>(NSIS o)=>lzma_solid_nsis0003 Move failed
C:\WINDOWS\system32\one.exe=>(NSIS o)=>lzma_solid_nsis0004 Detected: Adware.Softomate.S
C:\WINDOWS\system32\one.exe=>(NSIS o)=>lzma_solid_nsis0004 Disinfection failed
C:\WINDOWS\system32\one.exe=>(NSIS o)=>lzma_solid_nsis0004 Move failed
C:\WINDOWS\system32\one.exe=>(NSIS o)=>lzma_solid_nsis0005 Detected: Adware.ToolBar888.B
C:\WINDOWS\system32\one.exe=>(NSIS o)=>lzma_solid_nsis0005 Disinfection failed
C:\WINDOWS\system32\one.exe=>(NSIS o)=>lzma_solid_nsis0005 Move failed
C:\WINDOWS\system32\one.exe=>(NSIS o)=>lzma_solid_nsis0006 Detected: Adware.ToolBar888.B
C:\WINDOWS\system32\one.exe=>(NSIS o)=>lzma_solid_nsis0006 Disinfection failed
C:\WINDOWS\system32\one.exe=>(NSIS o)=>lzma_solid_nsis0006 Move failed
C:\WINDOWS\wt\webdriver\wthost.exe Detected: Application.Low.Risk.Adware.Wildtangent.C
C:\WINDOWS\wt\webdriver\wthost.exe Disinfection failed
C:\WINDOWS\wt\webdriver\wthost.exe Moved
C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.3.1.001\npwthost.dll Detected: Adware.Wildtangent.B
C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.3.1.001\npwthost.dll Disinfection failed
C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.3.1.001\npwthost.dll Moved
C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.3.1.001\wthost.exe Detected: Application.Low.Risk.Adware.Wildtangent.C
C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.3.1.001\wthost.exe Disinfection failed
C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.3.1.001\wthost.exe Moved
C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.3.1.001\wtvh.dll Detected: Application.Low.Risk.Adware.Wildtangent.A
C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.3.1.001\wtvh.dll Disinfection failed
C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.3.1.001\wtvh.dll Moved
C:\WINDOWS\wt\wtvh.dll Detected: Application.Low.Risk.Adware.Wildtangent.A
C:\WINDOWS\wt\wtvh.dll Disinfection failed
C:\WINDOWS\wt\wtvh.dll Moved
D:\[bitdefender] Cracks\BitDefender Professional Plus v9 Build 9.5\run.exe=>(NSIS o)=>lzma_nsis0006 Infected: Trojan.Downloader.Zlob.ACX
D:\[bitdefender] Cracks\BitDefender Professional Plus v9 Build 9.5\run.exe=>(NSIS o)=>lzma_nsis0006 Disinfection failed
D:\[bitdefender] Cracks\BitDefender Professional Plus v9 Build 9.5\run.exe=>(NSIS o)=>lzma_nsis0006 Move failed
D:\[bitdefender] Cracks\BitDefender Professional Plus v9 Build 9.5.zip=>run.exe=>(NSIS o)=>lzma_nsis0006 Infected: Trojan.Downloader.Zlob.ACX
D:\[bitdefender] Cracks\BitDefender Professional Plus v9 Build 9.5.zip=>run.exe=>(NSIS o)=>lzma_nsis0006 Disinfection failed
D:\[bitdefender] Cracks\BitDefender Professional Plus v9 Build 9.5.zip=>run.exe=>(NSIS o)=>lzma_nsis0006 Move failed
D:\조인혁\기타\GThing1.7\GThing1.7\loadergthing1.7(2).exe Infected: Trojan.Packed.Cryptexe.M
D:\조인혁\기타\GThing1.7\GThing1.7\loadergthing1.7(2).exe Disinfection failed
D:\조인혁\기타\GThing1.7\GThing1.7\loadergthing1.7(2).exe Moved
D:\조인혁\기타\GThing1.7.rar=>GThing1.7\loadergthing1.7(2).exe Infected: Trojan.Packed.Cryptexe.M
D:\조인혁\기타\GThing1.7.rar=>GThing1.7\loadergthing1.7(2).exe Disinfection failed
D:\조인혁\기타\GThing1.7.rar=>GThing1.7\loadergthing1.7(2).exe Move failed
D:\조인혁\설치\netobserve-setup-sw.exe=>(VISE Installer o)=>broadcast.exe Detected: Spyware.Netobserve.A
D:\조인혁\설치\netobserve-setup-sw.exe=>(VISE Installer o)=>broadcast.exe Disinfection failed
D:\조인혁\설치\netobserve-setup-sw.exe=>(VISE Installer o)=>broadcast.exe Move failed

BC AdBot (Login to Remove)

 


#2 TearsInHvn

TearsInHvn

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 26 October 2006 - 12:27 AM

Have you tried booting into safe mode and then running a scan? Sometimes it works! Just a suggestion!

Tears

http://www3.ca.com/securityadvisor/pest/pe...px?id=453100481 some info for you here at this site.

Edited by TearsInHvn, 26 October 2006 - 12:31 AM.


#3 koreainhyuk

koreainhyuk
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 26 October 2006 - 01:06 AM

bitdefender canot be run in safe mode,,

any sugestions?????

#4 koreainhyuk

koreainhyuk
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 26 October 2006 - 01:07 AM

any other good anti-virus programs that can be run in safe mode....

please recommend,,,, for me,,,

any anti-virus,,, doesnt have to be free,,,,

#5 natakaasd

natakaasd

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:24 PM

Posted 26 October 2006 - 08:45 AM

C:\Documents and Settings\ChunJe\Desktop\one.exe=>(NSIS o)=>lzma_solid_nsis0003 Detected: Adware.ToolBar888.B

From the look of it, the problem resides inside the exe itself. Quarantine the exe file. Hope this helps. Cheers!

#6 TearsInHvn

TearsInHvn

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 26 October 2006 - 09:19 AM

If you go to that link i mentioned above, you can remove all the instances of the virus. They are listed there. Reg keys and all.

#7 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:02:24 PM

Posted 26 October 2006 - 02:02 PM

Hi koreainhyuk
Have you tried running Avg AntiSpyware 7.5 ?? (Works with Windows 2000 and Windows xp)
You can download it from Avg AntiSpyware 7.5

1. After download, double click on the file to launch the install process.
2. Choose a language, click "OK" and then click "Next".
3. Read the "License Agreement" and click "I Agree".
4. Accept default installation path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5, click "Next", then click "Install".
5. After setup completes, click "Finish" to start the program automatically or launch AVG Anti-Spyware by double-clicking its icon on your desktop or in the system tray.
6. The main "Status" menu will appear. Select "Change state" to inactivate 'Resident Shield' and 'Automatic Updates'.
7. Then right click on AVG Anti-Spyware in the system tray and uncheck "Start with Windows".
8. Go to Start > Run and type: services.msc

* Press "OK".
* Click the "Extended tab" and scroll down the list to find AVG Anti-Spyware guard.
* When you find the guard service, double-click on it.
* In the Properties Window > General Tab that opens, click the "Stop" button.
* From the drop-down menu next to "Startup Type", click on "Manual".
* Now click "Apply", then "OK" and close the Services window.

9. Select the "Update" button and click "Start update". Wait until you see the "Update succesfull message. Exit AVG Anti-Spyware when done - DO NOT perform a scan yet.

Step 2: Reboot your computer in "SAFE MODE" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup [but before the Windows icon appears] press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Step 3: Scan with AVG Anti-Spyware as follows:
1. Launch AVG Anti-Spyware, click on the "Scanner" button and choose the "Settings" tab.

* Under "How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware.
* Under "How to Scan?" check all (default).
* Under "Possibly unwanted software" check all (default).
* Under "What to Scan?" make sure "Scan every file" is selected (default).
* Under "Reports" select "Automatically generate report after every scan" and UNcheck "Only if threats were found".

2. Click the "Scan" tab to return to scanning options.
3. Click "Complete System Scan" to start.
4. When the scan has finished you will be presented with a list of infected objects found. Click "Apply all actions" to place the files in Quarantine.

IMPORTANT! Do not save the report before you have clicked the Apply all actions button. If you do, the log that is created will indicate "No action taken", making it more difficult to interpret the report. So be sure you save it only AFTER clicking the "Apply all actions" button?

5. Click on "Save Report" to view all completed scans. Click on the most recent scan you just performed and select "Save report as" - the default file name will be in date/time format as follows: Report-Scan-20060620-142816.txt. Save to your desktop. A copy of each report will also be saved in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Reports\
6. Exit AVG Anti-Spyware when done, reboot normally.

Note: Close all open windows, programs, and DO NOT USE the computer while AVG Anti-Spyware is scanning. If Explorer or other programs are open during the scan that means certain files will also be in use. Some malware will insert itself and hide in areas that are "protected" by Windows when the files are being used. This can hamper AVG Anti-Spyware's ability to clean properly and may result in reinfection.

Try this and let us know if things have improved.

BBPP6nz.png


#8 koreainhyuk

koreainhyuk
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 27 October 2006 - 01:44 AM

thanks for the tips...
i will try and let you know what happend,,,




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users