Virus !

Hi, my BitDefender 2010 detected 2 viruses in a scan that can be deleted or action taken. Please help me, what should I do?????




thanks



Comments

  • Sorry, I put "can be deleted" but the issue is that they can't be deleted.

  • Hello yadleon,


    Please attach the scan log.


    Cris.

  • Product: BitDefender Total Security 2010


    Version: BitDefender Antivirus Scanner


    Scanning task: System Scan


    Log date: 1/18/2010 11:49:15 AM


    Log path: C:\ProgramData\BitDefender\Desktop\Profiles\Logs\full_scan\1263836955_1_02.xml


    Scan paths:


    Path 0000: C:\


    Scan Level:


    Scan for viruses: Yes


    Scan for adware: Yes


    Scan for spyware: Yes


    Scan for applications: Yes


    Scan for dialers: Yes


    Scan for rootkits: No


    Scan for keyloggers: Yes


    Virus Scanning Options:


    Scan registry keys: Yes


    Scan cookies: Yes


    Scan boot sectors: Yes


    Scan memory processes: Yes


    Scan archives: No


    Scan runtime packers: Yes


    Scan e-mails: Yes


    Scan all files: Yes


    Heuristic Scan: Yes


    Scanned extensions: not configured


    Excluded extensions: not configured


    Target Processing:


    Default first action for infected objects: Disinfect


    Default second action for infected objects: None


    Default first action for suspect objects : None


    Default second action for suspicious objects: None


    Default action for hidden objects: None


    Default first action for encrypted infected objects: Disinfect


    Default second action for encrypted infected objects: None


    Default first action for encrypted suspicious objects: None


    Default second action for encrypted suspicious objects: None


    Default action for password-protected objects: Log only


    Scan Engines Summary


    Virus signatures: 4876673


    Archive plugins: 44


    E-mail plugins: 6


    Scan plugins: 13


    System plugins: 5


    Unpack plugins: 8


    Basic


    Scanned items: 60756


    Infected items: 1


    Suspect items: 1


    Hidden items: 0 (the scan options do not include scanning for rootkits)


    Resolved items: 0 (infected or suspect items have been found and were ignored or could not be fixed)


    Unresolved items: 2


    Advanced


    Scan time: 00:19:34


    Files per second: 51


    Skipped items: 281058


    Password-protected items: 0


    Over-compressed items: 0


    Individual viruses found: 2


    Scanned folders: 20798


    Scanned boot sectors: 4


    Scanned archives: 5


    Input-output errors: 55


    Scanned processes: 63


    Infected processes: 1


    Scanned registry keys: 1319


    Infected registry keys: 0


    Scanned cookies: 27


    Infected cookies: 0


    Remaining issues (Object Path, Threat Name, Final Status):


    <System>=>C:\Users\Yadira\AppData\Roaming\lsass.exe *32 [4700] (memory dump) Gen:Trojan.Heur.VB.om1@dSf7a0ii Disinfect failed (object was not found)


    <System>=>C:\Users\Yadira\AppData\Roaming\lsass.exe *32 [4700] (full dump) BehavesLike:Win32.Malware (object was not found)

  • Follow these steps:


    - restart your computer in SafeMode (restart your system and press F8 multiple times while it's restarting, and select SafeMode from the BootMenu)


    - once you are logged in SafeMode, go to

    C:\Users\Yadira\AppData\Roaming\

    and delete the file lsass.exe


    - after that, restart your computer normally and make a new scan to check if the infection is gone.


    Please post back the result.


    Cris.

  • yadleon
    edited January 2010

    Hi Cris, I searched for the file lsass.exe in C:\Users\Yadira\AppData\Roaming\ but there was no file with that name; actually I searched in every folder.


    Then I searched for the file and the only one I found with that name is in computer\local disk\windows\system32, and I didn't erase it because it is a Windows file.


    I scanned and still have the virus.


    Attached file.


    Now what can I do??? Delete that file or what????


  • Please read this article: http://kb.bitdefender.com/KB490


    Create the 2 logs, upload them on a file sharing server of your choice (such as www.sendspace.com) and send me the download link by PM. I will post more info after I take a look at those logs.


    Cris.

  • Hi Cris, forgiveness for the delay, I had a hard week at school. Well, let me tell you, I read the article and here is all the info. Thanks.


    1. Well, actually the behavior of the computer is excellent. I don't have any issue, only when the BitDefender scan said that I had 2 viruses.


    2. Scan image


    3. Deep System log


    Product: BitDefender Total Security 2010


    Version: BitDefender Antivirus Scanner


    Scanning task: Deep System Scan


    Log date: 1/24/2010 2:05:24 PM


    Log path: C:\ProgramData\BitDefender\Desktop\Profiles\Logs\deep_scan\1264363524_1_02.xml


    Scan paths:


    Path 0000: C:\


    Scan Level:


    Scan for viruses: Yes


    Scan for adware: Yes


    Scan for spyware: Yes


    Scan for applications: Yes


    Scan for dialers: Yes


    Scan for rootkits: Yes


    Scan for keyloggers: Yes


    Virus Scanning Options:


    Scan registry keys: Yes


    Scan cookies: Yes


    Scan boot sectors: Yes


    Scan memory processes: Yes


    Scan archives: Yes


    Scan runtime packers: Yes


    Scan e-mails: Yes


    Scan all files: Yes


    Heuristic Scan: Yes


    Scanned extensions: not configured


    Excluded extensions: not configured


    Target Processing:


    Default first action for infected objects: Disinfect


    Default second action for infected objects: None


    Default first action for suspect objects : None


    Default second action for suspicious objects: None


    Default action for hidden objects: None


    Default first action for encrypted infected objects: Disinfect


    Default second action for encrypted infected objects: None


    Default first action for encrypted suspicious objects: None


    Default second action for encrypted suspicious objects: None


    Default action for password-protected objects: Log only


    Scan Engines Summary


    Virus signatures: 4896505


    Archive plugins: 44


    E-mail plugins: 6


    Scan plugins: 13


    System plugins: 5


    Unpack plugins: 8


    Basic


    Scanned items: 349612


    Infected items: 1


    Suspect items: 1


    Hidden items: 0 (no hidden items have been detected during this scan)


    Resolved items: 0 (infected or suspect items have been found and were ignored or could not be fixed)


    Unresolved items: 2


    Advanced


    Scan time: 01:07:54


    Files per second: 85


    Skipped items: 31313


    Password-protected items: 0


    Over-compressed items: 0


    Individual viruses found: 2


    Scanned folders: 21239


    Scanned boot sectors: 4


    Scanned archives: 3251


    Input-output errors: 66


    Scanned processes: 64


    Infected processes: 1


    Scanned registry keys: 1322


    Infected registry keys: 0


    Scanned cookies: 32


    Infected cookies: 0


    Remaining issues (Object Path, Threat Name, Final Status):


    <System>=>C:\Users\Yadira\AppData\Roaming\lsass.exe *32 [4632] (memory dump) Gen:Trojan.Heur.VB.om1@dSf7a0ii Disinfect failed (object was not found)


    <System>=>C:\Users\Yadira\AppData\Roaming\lsass.exe *32 [4632] (full dump) BehavesLike:Win32.Malware (object was not found)


    4. BDSI log


    Thanks, hope to clean and delete those viruses.


    yadira

  • alexcrist
    edited January 2010

    Hello yadira,


    I'm sorry for the late reply.


    Please follow these steps:


    - open Notepad


    - copy the following lines:

    taskkill /IM lsass.exe
    attrib -s -h -r -a "c:\users\yadira\appdata\roaming\lsass.exe"
    move "c:\users\yadira\appdata\roaming\lsass.exe" "c:\users\yadira\Desktop\lsass.exe.orig"
    pause


    - click File -> Save as


    - From the Save as type droplist select All files (*.*)


    - in the filename field type a name ending with .bat (for instance, clean.bat) and click Save. Save the file on your Desktop.


    - close Notepad


    - on the desktop, right click on the newly created file (it should have an icon with 2 sprockets) and select Run as administrator


    - a Console window should open, running the commands you wrote in Notepad. In the end, it will stop (with the message Press any key to continue). At that point, before pressing any key, take a screenshot of that window and save it. Then close the window (pressing any key will close it).


    - on your desktop you will find a file named lsass.exe.orig. Put that file in an archive, using the password infected (details in my signature), upload the archive on a file sharing server of your choice (such as www.sendspace.com) and send me the download link by PM.


    - post the screenshot (taken earlier) here. Also, repeat the scan to see if the infected file is gone.


    Cris.
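
The "Remaining issues" lines in the logs above name a process called lsass.exe running from the user's Roaming folder, while the only copy the user could find is the genuine one in system32. The following is an added example, not part of the original thread or of BitDefender's tooling: it parses lines in that format and flags a system process name running outside System32. The regex is modelled on the two lines posted above; the list of process names, the C: install drive and the third sample line are assumptions.

```python
import ntpath
import re

# Assumption: processes whose genuine image lives in %SystemRoot%\System32.
SYSTEM_NAMES = {"lsass.exe", "svchost.exe", "csrss.exe",
                "services.exe", "winlogon.exe", "smss.exe"}
SYSTEM_DIR = r"c:\windows\system32"   # assumption: Windows installed on C:

# <System>=>PATH [*32] [PID] (dump type) THREAT [final status]
ISSUE_RE = re.compile(
    r"^<System>=>(?P<path>.+?\.exe)\s+(?:\*32\s+)?\[(?P<pid>\d+)\]\s+"
    r"\((?P<dump>[^)]*)\)\s+(?P<threat>\S+)\s*(?P<status>.*)$",
    re.IGNORECASE)

def parse_issue(line):
    """Return the fields of one 'Remaining issues' line, or None."""
    m = ISSUE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["pid"] = int(rec["pid"])
    directory, name = ntpath.split(ntpath.normpath(rec["path"]))
    # A system process name loaded from any other directory is suspicious.
    rec["masquerade"] = (name.lower() in SYSTEM_NAMES
                         and directory.lower() != SYSTEM_DIR)
    rec["not_found"] = "object was not found" in rec["status"].lower()
    return rec

def triage(lines):
    """Merge detections per (path, pid) so each process is reported once."""
    found = {}
    for rec in filter(None, map(parse_issue, lines)):
        key = (rec["path"].lower(), rec["pid"])
        entry = found.setdefault(key, {"path": rec["path"], "pid": rec["pid"],
                                       "masquerade": rec["masquerade"],
                                       "not_found": False, "threats": []})
        entry["threats"].append(rec["threat"])
        entry["not_found"] = entry["not_found"] or rec["not_found"]
    return list(found.values())

SAMPLE = [  # first two lines are from the log above; the third is constructed
    r"<System>=>C:\Users\Yadira\AppData\Roaming\lsass.exe *32 [4632] (memory dump) Gen:Trojan.Heur.VB.om1@dSf7a0ii Disinfect failed (object was not found)",
    r"<System>=>C:\Users\Yadira\AppData\Roaming\lsass.exe *32 [4632] (full dump) BehavesLike:Win32.Malware (object was not found)",
    r"<System>=>C:\Windows\System32\lsass.exe [612] (memory dump) Constructed.Sample.Name Log only",
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```
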