Bd Failure And "quarantine Internal Failure"
Hi,
This is my first posting so thank you, in advance, for your patience. I've seen a couple of other posts similar to this, but I am still unsure of the answer.
BD shows that this virus was unable to be disinfected or moved, but it no longer shows up on my scan. How can I be certain the virus is no longer on my computer? The other two viruses are marked as "quarantine internal failure", what does this mean?
Also, I couldn't find any of them in the virus encyclopedia.
Here is the detail.
Thank you for your help!
Virus Statistics
Scan path : C:\
\
Folders : 11253
Files : 55389
Memory processes scanned : 42
Archives : 3
Runtime packers : 6095
Identified viruses : 3
Infected files : 3
Memory processes infected : 0
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 0
Moved files : 2
I/O errors : 10
Scan time : 00:44:10
Scan speed (files/sec) : 20
Spyware Statistics
Registry keys scanned : 1657
Registry keys infected : 0
Cookies scanned : 237
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 0
Virus definitions : 697288
Scan plugins : 16
Archive plugins : 41
Unpack plugins : 6
Mail plugins : 6
System plugins : 5
Virus scan options
Detection
[X] Scan boot sectors
[X] Memory Processes
[ ] Scan archives
[X] Scan runtime packers
[X] Scan email
File mask
[X] Programs
[ ] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;
Action
Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user
Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user
Virus scan options
[X] Enable warnings
[ ] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\full_scan\1183430880.log
Spyware scan options
[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies
Summary:
C:\Documents and Settings\L.YOUR-A9279112E3\Local Settings\Temp\$updater\2FSWES.exe Infected: Trojan.Downloader.Delf.BJV
C:\Documents and Settings\L.YOUR-A9279112E3\Local Settings\Temp\$updater\2FSWES.exe Disinfection failed
C:\Documents and Settings\L.YOUR-A9279112E3\Local Settings\Temp\$updater\2FSWES.exe Move failed: Quarantine internal failure
C:\Documents and Settings\L.YOUR-A9279112E3\Local Settings\Temp\$updater\DC2BQ5.exe Infected: Trojan.Clicker.Delf.HD
C:\Documents and Settings\L.YOUR-A9279112E3\Local Settings\Temp\$updater\DC2BQ5.exe Disinfection failed
C:\Documents and Settings\L.YOUR-A9279112E3\Local Settings\Temp\$updater\DC2BQ5.exe Move failed: Quarantine internal failure
C:\RECYCLER\S-1-5-21-2925972889-1550467167-2474809277-1005\Dc1.exe Infected: DeepScan:Generic.Zlob.7.1FED44BB
C:\RECYCLER\S-1-5-21-2925972889-1550467167-2474809277-1005\Dc1.exe Disinfection failed
C:\RECYCLER\S-1-5-21-2925972889-1550467167-2474809277-1005\Dc1.exe Move failed
Comments
-
The first 2 viruses were located in a temporary folder, though, they might have been deleted. The third virus appears to be in the recycle bin. Be sure to empty the recycle bin if the malware is still there.
Andrei0 -
The first 2 viruses were located in a temporary folder, though, they might have been deleted. The third virus appears to be in the recycle bin. Be sure to empty the recycle bin if the malware is still there.
Andrei
Thanks so much, Andrei.
I ran a deep scan and it revealed this trojan, "trojan.click.hd". I haven't been able to locate anything about it yet either, and it wasn't able to be disinfected or moved. Thanks again!
Virus Statistics
Scan path : C:\\
Folders : 11285
Files : 391098
Memory processes scanned : 108
Archives : 12007
Runtime packers : 18325
Identified viruses : 3
Infected files : 4
Memory processes infected : 0
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 0
Moved files : 3
I/O errors : 132
Scan time : 01:35:40
Scan speed (files/sec) : 68
Spyware Statistics
Registry keys scanned : 1657
Registry keys infected : 0
Cookies scanned : 237
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 0
Virus definitions : 1664991879
Scan plugins : 16
Archive plugins : 41
Unpack plugins : 6
Mail plugins : 6
System plugins : 5
Virus scan options
Detection
[X] Scan boot sectors
[X] Memory Processes
[X] Scan archives
[X] Scan runtime packers
[X] Scan email
File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;
Action
Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user
Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user
Virus scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1183612909.log
Spyware scan options
[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies
Summary:
C:\Documents and Settings\l\Local Settings\Temp\tmp10.tmp Detected: Adware.Virusburst.C
C:\Documents and Settings\l\Local Settings\Temp\tmp10.tmp Disinfection failed
C:\Documents and Settings\l\Local Settings\Temp\tmp10.tmp Moved
C:\Documents and Settings\l\Local Settings\Temp\tmp7.tmp Detected: Adware.Virusburst.C
C:\Documents and Settings\l\Local Settings\Temp\tmp7.tmp Disinfection failed
C:\Documents and Settings\l\Local Settings\Temp\tmp7.tmp Moved
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR Detected: Adware.Mywebsearch.BA
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR Disinfection failed
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR Moved
C:\SWSETUP\AOLMN\SP31524.exe=>(CAB Sfx o)=>\musicnow1.exe=>wise0008 Infected: Trojan.Click.HD
C:\SWSETUP\AOLMN\SP31524.exe=>(CAB Sfx o)=>\musicnow1.exe=>wise0008 Disinfection failed
C:\SWSETUP\AOLMN\SP31524.exe=>(CAB Sfx o)=>\musicnow1.exe=>wise0008 Move failed0 -
The first 3 adware programs have been moved by BitDefender in quarantine.
However, the 4'th one is located in an installer packace and can't be moved. You should manually delete the entire packace that contains the trojan.
Andrei0 -
The first 3 adware programs have been moved by BitDefender in quarantine.
However, the 4'th one is located in an installer packace and can't be moved. You should manually delete the entire packace that contains the trojan.
Andrei
Thank you, Andrei. I want to make sure I do this correctly. The program is AOL Music, which I don't ever plan to use, and it isn't installed. Do I simply delete the folder AOLMN and everything in it?
Thanks!0 -
Yes, you only have to delete it. If the deleteion fails, deactivate temporarly BD real-time protection (although this shouldn't be the case).
Andrei0 -
Hello
Just delete the folder called SWSETUP. I suggest that you also perform a complete scan with superantispyware to be sure that all leftovers are deleted. You can download it here : http://downloads2.superantispyware.com/dow...AntiSpyware.exe Update it reboot your pc and press several times on the F8 button choose for safe mode. After that perform a complete scan with superantispyware.
Regards
Niels0 -
Hello
Just delete the folder called SWSETUP. I suggest that you also perform a complete scan with superantispyware to be sure that all leftovers are deleted. You can download it here : http://downloads2.superantispyware.com/dow...AntiSpyware.exe Update it reboot your pc and press several times on the F8 button choose for safe mode. After that perform a complete scan with superantispyware.
Regards
Niels
Niels,
Thanks so much to you and Andrei. I took your advice and downloaded the spyware program. I already have SpySweeper and BitDefender on my computer, but SuperAntiSpyware found 3 additional trojans and a total of 90 additional threats. I am re-running it now.
Thank you both tremendously. You guys rock!0 -
Hello
Sometimes it are just leftovers that superantispyware finds. Can you also please post where the trojans and threats were found? It could be that they are located in system restore points. Perform also a scan with spy sweeper.
Glad that we could assist you. Don't hesitate if you have any further questions.
Regards
Niels0 -
Also glad that we could help you.
Andrei0
