Genpack:backdoor.pushbot.a

eugeneang
eugeneang
edited January 2009 in Malware talk

//-----------------------------------------------------------------


//


// ProductBitDefender Antivirus Plus v10


// Product10.2


//


// Created on: 05/01/2009 23:00:28


//


//-----------------------------------------------------------------


Virus Statistics


Scan path : C:\


D:\


Folders : 5961


Files : 410421


Memory processes scanned : 0


Archives : 16487


Runtime packers : 30840


Identified viruses : 1


Infected files : 1


Memory processes infected : 0


Suspect files : 0


Warnings : 0


Disinfected files : 0


Deleted files : 1


Moved files : 0


I/O errors : 36


Scan time : 01:44:57


Scan speed (files/sec) : 65


Spyware Statistics


Registry keys scanned : 0


Registry keys infected : 0


Cookies scanned : 0


Cookies infected : 0


Spyware files infected : 0


Spyware threats detected : 0


Virus definitions : 2404915


Scan plugins : 17


Archive plugins : 45


Unpack plugins : 7


Mail plugins : 6


System plugins : 5


Virus scan options


Detection


[X] Scan boot sectors


[X] Memory Processes


[X] Scan archives


[X] Scan runtime packers


[X] Scan email


File mask


[ ] Programs


[X] All files


[ ] User defined extensions:


[ ] Exclude extensions: ;


Action


Infected objects


[ ] Ignore


[X] Disinfect


[ ] Delete


[ ] Move to quarantine


[ ] Prompt user


Second action


[ ] Ignore


[ ] Delete


[X] Move to quarantine


[ ] Prompt user


Virus scan options


[X] Enable warnings


[X] Enable heuristics


[ ] Show all files in log


[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1231167628.log


Spyware scan options


[X] Scan for riskware


[ ] Skip dial and applications from scan


[X] Registry keys


[X] Cookies


Summary:


C:\WINDOWS\system32\NTSpool.exe Infected: GenPack:Backdoor.Pushbot.A


C:\WINDOWS\system32\NTSpool.exe Deleted


Hey guys i need help... bitdefender says it has deleted this virus..however when i go to C:\WINDOWS\system32\ NTSPool is still there?

Comments

  • rootkit
    rootkit ✭✭✭

    Run a new scan and paste the log here :)

  • Sm3K3R
    Sm3K3R ✭✭✭

    eugene199 ,disable system restore on all drives,delete Recycled folders on all drives,clean Prefetch folder content and remove temporary files(use windows disk clean up tool) then download ,install and update SpyBot Search & Distroy ,remove the network cable, restart computer and enter in safe mode (press F8 at computer start up right after the mobo BIOS info) and run scans with BD(in safe mode use the Start menu BD scan shortcut) and SpyBot Search & Distroy.Aditionally you may run a Malwarebytes Antimalware scan.


    Good Luck!

All Time Leaders

Categories

Defenders of the month