Kindly be advised we cannot cancel subscriptions or issue refunds on the forum.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/

Thank you for your understanding.

Bd Failure And "quarantine Internal Failure"

Options
lsiegert
lsiegert
in Malware talk

Hi,


This is my first posting so thank you, in advance, for your patience. I've seen a couple of other posts similar to this, but I am still unsure of the answer.


BD shows that this virus was unable to be disinfected or moved, but it no longer shows up on my scan. How can I be certain the virus is no longer on my computer? The other two viruses are marked as "quarantine internal failure", what does this mean?


Also, I couldn't find any of them in the virus encyclopedia.


Here is the detail.


Thank you for your help!


Virus Statistics


Scan path : C:\


D:\


Folders : 11253


Files : 55389


Memory processes scanned : 42


Archives : 3


Runtime packers : 6095


Identified viruses : 3


Infected files : 3


Memory processes infected : 0


Suspect files : 0


Warnings : 0


Disinfected files : 0


Deleted files : 0


Moved files : 2


I/O errors : 10


Scan time : 00:44:10


Scan speed (files/sec) : 20


Spyware Statistics


Registry keys scanned : 1657


Registry keys infected : 0


Cookies scanned : 237


Cookies infected : 0


Spyware files infected : 0


Spyware threats detected : 0


Virus definitions : 697288


Scan plugins : 16


Archive plugins : 41


Unpack plugins : 6


Mail plugins : 6


System plugins : 5


Virus scan options


Detection


[X] Scan boot sectors


[X] Memory Processes


[ ] Scan archives


[X] Scan runtime packers


[X] Scan email


File mask


[X] Programs


[ ] All files


[ ] User defined extensions:


[ ] Exclude extensions: ;


Action


Infected objects


[ ] Ignore


[X] Disinfect


[ ] Delete


[ ] Move to quarantine


[ ] Prompt user


Second action


[ ] Ignore


[ ] Delete


[X] Move to quarantine


[ ] Prompt user


Virus scan options


[X] Enable warnings


[ ] Enable heuristics


[ ] Show all files in log


[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\full_scan\1183430880.log


Spyware scan options


[X] Scan for riskware


[ ] Skip dial and applications from scan


[X] Registry keys


[X] Cookies


Summary:


C:\Documents and Settings\L.YOUR-A9279112E3\Local Settings\Temp\$updater\2FSWES.exe Infected: Trojan.Downloader.Delf.BJV


C:\Documents and Settings\L.YOUR-A9279112E3\Local Settings\Temp\$updater\2FSWES.exe Disinfection failed


C:\Documents and Settings\L.YOUR-A9279112E3\Local Settings\Temp\$updater\2FSWES.exe Move failed: Quarantine internal failure


C:\Documents and Settings\L.YOUR-A9279112E3\Local Settings\Temp\$updater\DC2BQ5.exe Infected: Trojan.Clicker.Delf.HD


C:\Documents and Settings\L.YOUR-A9279112E3\Local Settings\Temp\$updater\DC2BQ5.exe Disinfection failed


C:\Documents and Settings\L.YOUR-A9279112E3\Local Settings\Temp\$updater\DC2BQ5.exe Move failed: Quarantine internal failure


C:\RECYCLER\S-1-5-21-2925972889-1550467167-2474809277-1005\Dc1.exe Infected: DeepScan:Generic.Zlob.7.1FED44BB


C:\RECYCLER\S-1-5-21-2925972889-1550467167-2474809277-1005\Dc1.exe Disinfection failed


C:\RECYCLER\S-1-5-21-2925972889-1550467167-2474809277-1005\Dc1.exe Move failed

Comments

  • AndreiASM
    AndreiASM
    Options

    The first 2 viruses were located in a temporary folder, though, they might have been deleted. The third virus appears to be in the recycle bin. Be sure to empty the recycle bin if the malware is still there.


    Andrei

  • lsiegert
    lsiegert
    Options
    The first 2 viruses were located in a temporary folder, though, they might have been deleted. The third virus appears to be in the recycle bin. Be sure to empty the recycle bin if the malware is still there.


    Andrei


    Thanks so much, Andrei.


    I ran a deep scan and it revealed this trojan, "trojan.click.hd". I haven't been able to locate anything about it yet either, and it wasn't able to be disinfected or moved. Thanks again!


    Virus Statistics


    Scan path : C:\


    D:\


    Folders : 11285


    Files : 391098


    Memory processes scanned : 108


    Archives : 12007


    Runtime packers : 18325


    Identified viruses : 3


    Infected files : 4


    Memory processes infected : 0


    Suspect files : 0


    Warnings : 0


    Disinfected files : 0


    Deleted files : 0


    Moved files : 3


    I/O errors : 132


    Scan time : 01:35:40


    Scan speed (files/sec) : 68


    Spyware Statistics


    Registry keys scanned : 1657


    Registry keys infected : 0


    Cookies scanned : 237


    Cookies infected : 0


    Spyware files infected : 0


    Spyware threats detected : 0


    Virus definitions : 1664991879


    Scan plugins : 16


    Archive plugins : 41


    Unpack plugins : 6


    Mail plugins : 6


    System plugins : 5


    Virus scan options


    Detection


    [X] Scan boot sectors


    [X] Memory Processes


    [X] Scan archives


    [X] Scan runtime packers


    [X] Scan email


    File mask


    [ ] Programs


    [X] All files


    [ ] User defined extensions:


    [ ] Exclude extensions: ;


    Action


    Infected objects


    [ ] Ignore


    [X] Disinfect


    [ ] Delete


    [ ] Move to quarantine


    [ ] Prompt user


    Second action


    [ ] Ignore


    [ ] Delete


    [X] Move to quarantine


    [ ] Prompt user


    Virus scan options


    [X] Enable warnings


    [X] Enable heuristics


    [ ] Show all files in log


    [X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1183612909.log


    Spyware scan options


    [X] Scan for riskware


    [ ] Skip dial and applications from scan


    [X] Registry keys


    [X] Cookies


    Summary:


    C:\Documents and Settings\l\Local Settings\Temp\tmp10.tmp Detected: Adware.Virusburst.C


    C:\Documents and Settings\l\Local Settings\Temp\tmp10.tmp Disinfection failed


    C:\Documents and Settings\l\Local Settings\Temp\tmp10.tmp Moved


    C:\Documents and Settings\l\Local Settings\Temp\tmp7.tmp Detected: Adware.Virusburst.C


    C:\Documents and Settings\l\Local Settings\Temp\tmp7.tmp Disinfection failed


    C:\Documents and Settings\l\Local Settings\Temp\tmp7.tmp Moved


    C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR Detected: Adware.Mywebsearch.BA


    C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR Disinfection failed


    C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR Moved


    C:\SWSETUP\AOLMN\SP31524.exe=>(CAB Sfx o)=>\musicnow1.exe=>wise0008 Infected: Trojan.Click.HD


    C:\SWSETUP\AOLMN\SP31524.exe=>(CAB Sfx o)=>\musicnow1.exe=>wise0008 Disinfection failed


    C:\SWSETUP\AOLMN\SP31524.exe=>(CAB Sfx o)=>\musicnow1.exe=>wise0008 Move failed

  • AndreiASM
    AndreiASM
    Options

    The first 3 adware programs have been moved by BitDefender in quarantine.


    However, the 4'th one is located in an installer packace and can't be moved. You should manually delete the entire packace that contains the trojan.


    Andrei

  • lsiegert
    lsiegert
    Options
    The first 3 adware programs have been moved by BitDefender in quarantine.


    However, the 4'th one is located in an installer packace and can't be moved. You should manually delete the entire packace that contains the trojan.


    Andrei


    Thank you, Andrei. I want to make sure I do this correctly. The program is AOL Music, which I don't ever plan to use, and it isn't installed. Do I simply delete the folder AOLMN and everything in it?


    Thanks!

  • AndreiASM
    AndreiASM
    Options

    Yes, you only have to delete it. If the deleteion fails, deactivate temporarly BD real-time protection (although this shouldn't be the case).


    Andrei

  • Niels
    Niels
    Options

    Hello


    Just delete the folder called SWSETUP. I suggest that you also perform a complete scan with superantispyware to be sure that all leftovers are deleted. You can download it here : http://downloads2.superantispyware.com/dow...AntiSpyware.exe Update it reboot your pc and press several times on the F8 button choose for safe mode. After that perform a complete scan with superantispyware.


    Regards


    Niels

  • lsiegert
    lsiegert
    Options
    Hello


    Just delete the folder called SWSETUP. I suggest that you also perform a complete scan with superantispyware to be sure that all leftovers are deleted. You can download it here : http://downloads2.superantispyware.com/dow...AntiSpyware.exe Update it reboot your pc and press several times on the F8 button choose for safe mode. After that perform a complete scan with superantispyware.


    Regards


    Niels


    Niels,


    Thanks so much to you and Andrei. I took your advice and downloaded the spyware program. I already have SpySweeper and BitDefender on my computer, but SuperAntiSpyware found 3 additional trojans and a total of 90 additional threats. I am re-running it now.


    Thank you both tremendously. You guys rock!

  • Niels
    Niels
    Options

    Hello


    Sometimes it are just leftovers that superantispyware finds. Can you also please post where the trojans and threats were found? It could be that they are located in system restore points. Perform also a scan with spy sweeper.


    Glad that we could assist you. Don't hesitate if you have any further questions.


    Regards


    Niels

  • AndreiASM
    AndreiASM
    Options

    Also glad that we could help you. ;)


    Andrei

All Time Leaders

Categories

Defenders of the month