Adware.starwire.a Info And Removal

china_pearl
edited September 2007 in Malware talk

Hi all,


I made the mistake of downloading and installing an ALOT Toolbar, and now my computer is stuck with a file infected with the Adware.StarWire.A virus. BD supposedly blocked the virus (so my computer is supposedly not further infected), and I know which file (alot_release.exe) is infected. However, neither BD nor I can delete / quarantine the infected file.


Every time I try to manually delete alot_release.exe I get the Windows error of "Cannot delete alot_release: Cannot read from the source file or disk".


When I tried deleting it in command prompt, I got another error: "A device attached to the system is not functioning"


I tried going online to find more info about Adware.StarWire.A, but found none, except for a list of aliases:


ADSPY/Comet.BE


Adware.Win32.Comet.be


not-a-virus:AdWare.Win32.Comet.be



W32/Adware.KJK


So does anyone have any info about this virus Adware.StarWire.A and info on how to remove it (and the infected file)? Thank you in advance for your input and suggestion!


Infected file and location:


c:\documents and settings\compaq_owner\local settings\temp\nsi1994.tmp\alot_release.exe=>(NSIS o)=>lzma_nsis0002


O/S: Windows XP SP2


By the way, BD detects this virus only during Deep Scan... I tried scanning the file/folder by right-clicking on the alot_release.exe then selecting BD (scanning) and the file showed clean.


Thanks,


Amy

Comments

  • bluesprite
    edited September 2007

    Apparently BitDefender is set to block access to detected infections, so that's why you can't delete it manually. Turn off the protection and delete the file manually, but be careful not to execute it. Purge the System Restore history states as well, because a copy of the file might be stored there as well. Then enable antivirus protection again.


    Also, check your contextual (right click) scan settings and set it to look inside archives and packed files when scanning.

  • Hi bluesprite,


    Thanks so much for your help! It worked and I was able to get rid of the infected file. I have yet to figure out how to purge the System Restore history, but I made sure I emptied the Recycle Bin and cleaned up any old and/or temp. files.


    Thanks again for the advice and suggestions!


    Amy