Please Help Unable To Disinfect!
I did a full system scan and detected a virus called "Adware.BHO".
BitDefender was unable to disinfect or move it. Please Help!
Report Log:
//-----------------------------------------------------------------
//
// ProductBitDefender Internet Security v10
// Product10.2
//
// Created on: 19/12/2007 07:13:14
//
//-----------------------------------------------------------------
Virus Statistics
Scan path : C:\
\
Folders : 6614
Files : 385161
Memory processes scanned : 46
Archives : 16430
Runtime packers : 33709
Identified viruses : 1
Infected files : 1
Memory processes infected : 0
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 0
Moved files : 0
I/O errors : 47
Scan time : 01:03:24
Scan speed (files/sec) : 101
Spyware Statistics
Registry keys scanned : 333
Registry keys infected : 0
Cookies scanned : 1449
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 0
Virus definitions : 960468
Scan plugins : 16
Archive plugins : 41
Unpack plugins : 7
Mail plugins : 6
System plugins : 5
Virus scan options
Detection
[X] Scan boot sectors
[X] Memory Processes
[X] Scan archives
[X] Scan runtime packers
[X] Scan email
File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;
Action
Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user
Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user
Virus scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1198001593.log
Spyware scan options
[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies
Summary:
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\GXWV1BWQ\trivial-pursuit-online-party-setup[1].exe=>(NSIS o)=>zlib_nsis0001=>(NSIS o)=>lzma_nsis0007 Detected: Adware.BHO
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\GXWV1BWQ\trivial-pursuit-online-party-setup[1].exe=>(NSIS o)=>zlib_nsis0001=>(NSIS o)=>lzma_nsis0007 Disinfection failed
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\GXWV1BWQ\trivial-pursuit-online-party-setup[1].exe=>(NSIS o)=>zlib_nsis0001=>(NSIS o)=>lzma_nsis0007 Move failed
Comments
-
Please help
0 -
Hello Chesda,
To delete the infected file, follow these steps:
- Make the Hidden files visible, like this:
  - In Explorer, click Tools -> Folder Options... -> View
  - Enable View hidden files and folder
  - Disable Hide protected operating system files
  - Click OK as many times as needed.
- Disable BitDefender Realtime Protection
- Go to C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\GXWV1BWQ\ and manually delete the file trivial-pursuit-online-party-setup[1].exe
  Warning! Be careful NOT to execute the file, because you are unprotected (BD is disabled). Just select it and press SHIFT+DELETE
- Re-enable BitDefender Realtime Protection
- Optional: undo the first step, so the hidden files and folders will be invisible
0 -
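Reading the report's Summary lines with a script, as an added example that is not part of the original thread and not BitDefender tooling: it groups the per-object results, separates the on-disk container file from the nested layers after each `=>`, and flags objects where both configured actions failed. The function name `triage`, the sample path, and the assumption that only the three status strings seen in the report above occur are illustrative.

```python
import re
from collections import OrderedDict

# Constructed sample in the format of the Summary section above
# (user name and cache folder are placeholders, not values from the report).
SAMPLE = r"""
Summary:
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\ABCD1234\setup[1].exe=>(NSIS o)=>zlib_nsis0001=>(NSIS o)=>lzma_nsis0007 Detected: Adware.BHO
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\ABCD1234\setup[1].exe=>(NSIS o)=>zlib_nsis0001=>(NSIS o)=>lzma_nsis0007 Disinfection failed
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\ABCD1234\setup[1].exe=>(NSIS o)=>zlib_nsis0001=>(NSIS o)=>lzma_nsis0007 Move failed
"""

# Assumption: only the status strings visible in the report are recognised.
STATUS = re.compile(
    r"^(?P<obj>.+?) (?P<status>Detected: .+|Disinfection failed|Move failed)$"
)

def triage(log_text):
    """Group Summary lines per scanned object and flag failed remediation."""
    findings = OrderedDict()
    for line in log_text.splitlines():
        m = STATUS.match(line.strip())
        if not m:
            continue  # header, statistics or option lines
        obj, status = m.group("obj"), m.group("status")
        # Text before the first "=>" is the file on disk; the rest are
        # unpacked layers inside it (here: streams of an NSIS installer).
        container, *layers = obj.split("=>")
        f = findings.setdefault(
            obj,
            {"container": container, "layers": layers, "threat": None, "failed": []},
        )
        if status.startswith("Detected: "):
            f["threat"] = status[len("Detected: "):]
        else:
            f["failed"].append(status.split()[0])  # "Disinfection" or "Move"
    for f in findings.values():
        f["in_ie_cache"] = "\\temporary internet files\\" in f["container"].lower()
        # Both the first action (disinfect) and second action (move) failed,
        # so the container file is still on disk and needs manual handling.
        f["manual_removal"] = (
            f["threat"] is not None and {"Disinfection", "Move"} <= set(f["failed"])
        )
    return list(findings.values())

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f["threat"], f["container"], f["layers"], f["manual_removal"])
```

The `container` value is the file the manual deletion step in the reply above targets; the layers only show how deep inside that file the detection sits.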
I cannot find Tools -> Folder Options ... -> View
I'm running IE 7 and I think it differs from the instructions you gave me.
0 -
I meant Windows Explorer, not Internet Explorer.
Cris.
0 -
> I meant Windows Explorer, not Internet Explorer.
> Cris.
What do you mean Windows Explorer? I cannot find it lol
EDIT:
Oh.. Windows Explorer .... My Computer same thing lol.
My bad
0 -
Thanks Cris, I deleted it (but it wasn't in the recycle bin),
Do I change my settings back to default and do a system scan in case there are other parts to the virus?
0 -
> Thanks Cris, I deleted it (but it wasn't in the recycle bin).
If you pressed SHIFT+Delete, then the file won't arrive in Recycle Bin.
Shift+Delete is the shortcut key for deleting files and folders, bypassing the Recycle Bin.
> Do I change my settings back to default and do a system scan in case there are other parts to the virus?
Changing the settings back to default is your option. It doesn't affect at all the work you do, and also doesn't increase in any way your security. In fact, malware files hide themselves using this method (as you noticed, you couldn't find the files until you made the hidden files visible).
However, leaving the hidden files visible might make you uncomfortable, because you'll see some semi-transparent files and folders on your HDD. Those are the hidden files, and mostly they are system files. On one hand, it is recommended that you leave the hidden files to be invisible (so to return the settings as they were before), so you won't delete any of them by mistake.
Conclusion: every option you choose (leaving them visible or not) has its advantages and disadvantages. It's your choice what you do.
I can say only this: if you are not a very experienced user, I recommend to revert the settings back the way they were (hide the hidden files). You can always make them visible again, if you need to.
About scanning your system: yes, that's a good idea. Scanning a system doesn't do any harm... it can only do good.
Cris.
0