Cant Eliminate Adware.navipromo.bze

I have seen in the forum some topics about this malware but it was in a language i cant understand (probably romanian), so i ask help in english.What can i do to get rid of this adware?Is it a dangerous one? Bitdefender finds it but for some reason its unable to get rid of it.And i also discovered that i cant run bit defender iunder windows in safe mode...is this normal?

Thnks

the scan report is:

Product BitDefender Free Edition v10

// Product 10.2

// Created on: 15/01/2008 19:40:50

//-----------------------------------------------------------------

Virus Statistics

Scan path : C:\

E:\

Folders : 5289

Files : 140633

Memory processes scanned : 34

Archives : 8084

Runtime packers : 8753

Identified viruses : 1

Infected files : 5

Memory processes infected : 0

Suspect files : 0

Warnings : 0

Disinfected files : 0

Deleted files : 5

Moved files : 0

I/O errors : 27

Scan time : 01:21:57

Scan speed (files/sec) : 28

Spyware Statistics

Registry keys scanned : 293

Registry keys infected : 0

Cookies scanned : 55

Cookies infected : 0

Spyware files infected : 0

Spyware threats detected : 0

Virus definitions : 971424

Scan plugins : 16

Archive plugins : 41

Unpack plugins : 7

Mail plugins : 6

System plugins : 5

Virus scan options

Detection

[X] Scan boot sectors

[X] Memory Processes

[X] Scan archives

[X] Scan runtime packers

[X] Scan email

File mask

[ ] Programs

[X] All files

[ ] User defined extensions:

[ ] Exclude extensions: ;

Action

Infected objects

[ ] Ignore

[X] Disinfect

[ ] Delete

[ ] Move to quarantine

[ ] Prompt user

Second action

[ ] Ignore

[ ] Delete

[X] Move to quarantine

[ ] Prompt user

Virus scan options

[X] Enable warnings

[X] Enable heuristics

[ ] Show all files in log

[X] Report file: C:\Documents and Settings\All Users\Dati applicazioni\Bitdefender\Desktop\Profiles\Logs\deep_scan\1200422450.log

Spyware scan options

[X] Scan for riskware

[ ] Skip dial and applications from scan

[X] Registry keys

[X] Cookies

Summary:

C:\System Volume Information\_restore{30682DDF-3974-4986-AAD7-3C8883C27C49}\RP521\A0161567.exe=>(NSIS o)=>lzma_solid_nsis0002 Detected: Adware.Navipromo.BZE

C:\System Volume Information\_restore{30682DDF-3974-4986-AAD7-3C8883C27C49}\RP521\A0161567.exe=>(NSIS o)=>lzma_solid_nsis0002 Deleted

C:\System Volume Information\_restore{30682DDF-3974-4986-AAD7-3C8883C27C49}\RP521\A0161567.exe=>(NSIS o) Archive repacking has failed (marked actions not taken)

C:\Documents and Settings\Dimitri\Impostazioni locali\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0006 Detected: Adware.Navipromo.BZE

C:\Documents and Settings\Dimitri\Impostazioni locali\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0006 Deleted

C:\Documents and Settings\Dimitri\Impostazioni locali\Temp\pack.epk=>(NSIS 2g) Archive repacking has failed (marked actions not taken)

C:\Documents and Settings\Dimitri\Impostazioni locali\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0014=>(NSIS g)=>lzma_solid_nsis0002 Detected: Adware.Navipromo.BZE

C:\Documents and Settings\Dimitri\Impostazioni locali\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0014=>(NSIS g)=>lzma_solid_nsis0002 Deleted

C:\Documents and Settings\Dimitri\Impostazioni locali\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0014=>(NSIS g) Archive repacking has failed (marked actions not taken)

C:\Documents and Settings\Dimitri\Impostazioni locali\Temp\NSIS_Install_WMP.exe=>(NSIS o)=>lzma_solid_nsis0006 Detected: Adware.Navipromo.BZE

C:\Documents and Settings\Dimitri\Impostazioni locali\Temp\NSIS_Install_WMP.exe=>(NSIS o)=>lzma_solid_nsis0006 Deleted

C:\Documents and Settings\Dimitri\Impostazioni locali\Temp\NSIS_Install_WMP.exe=>(NSIS o) Archive repacking has failed (marked actions not taken)

C:\Documents and Settings\Dimitri\Impostazioni locali\Temp\NSIS_Install_WMP.exe=>(NSIS o)=>lzma_solid_nsis0014=>(NSIS g)=>lzma_solid_nsis0002 Detected: Adware.Navipromo.BZE

C:\Documents and Settings\Dimitri\Impostazioni locali\Temp\NSIS_Install_WMP.exe=>(NSIS o)=>lzma_solid_nsis0014=>(NSIS g)=>lzma_solid_nsis0002 Deleted

C:\Documents and Settings\Dimitri\Impostazioni locali\Temp\NSIS_Install_WMP.exe=>(NSIS o)=>lzma_solid_nsis0014=>(NSIS g) Archive repacking has failed (marked actions not taken)

Find more posts tagged with

Comments

farbar

Empty your

Temp
folder, to do this:Reboot. Then go to

start-run
- type "

%temp%
" (without "), click OK it opens temp folder.

select one of the files inside it in the right panel, then Ctrl+A to select all the contents and then Shift+delete to empty your Temp folder.
Go to

start-run
- type "

cleanmgr.exe
" (without "), click OK it shows C drive to be cleaned, click OK, check at least Temporary Internet files, Temporary files and Recycle Bin. Click Ok to confirm.
Reboot and check if your computer is running fine. Then empty your

restore volume.
To do that: go to start-control panel- system- system restore- check

turn off system restore on all drives
. Click apply. By doing this you loose all your (infected) restore points. Reboot and uncheck "

turn off system restore on all drives
' to create a clean restore point.
Download\install '

SuperAntiSpyware
Home Edition Free Version' from here:

http://www.superantispyware.com/downloadfi...ANTISPYWAREFREE

Launch SuperAntiSpyware and download the updates.

Go to Configuration and Preferences - Preferences - Scanning Control - undnder
Scanner Options
check:
Close browsers before scanning.
Scan for tracking cookies

and
Terminate memory threats before quarantining
. Leave all others unchecked and "
Close
".

Then on the main screen, under "
Scan for Harmful Software
" click
Scan your computer
.

On the left, make sure you check
C:\Fixed Drive
.

On the right, under "
Complete Scan
", choose
Perform Complete Scan
.

Click "
Next
" to start the scan it may take some time, wait until the scan is finished. After the scan is complete, a
Scan Summary box
will appear with potentially harmful items that were detected. Make sure to check all the items and Click "
OK
".

Make sure everything has a checkmark next to it and click "
Next
".

A notification will appear that "
Quarantine and Removal is Complete
". Click "
OK
" and then click the "
Finish
" button to return to the main menu.

If asked if you want to reboot, click "
Yes
".

Please report back your progress.

Success!

farbar

Hi again,

By the first three steps the Internet Explorer should be closed for better result. You can copy, paste and save the instruction to a .txt file by notepad.

jimi4

thnx a lot.

i copied the instructions.I'll trie it and i'll report.

jimi4

I've done all following the instructions, but the annoying popups persist appearing.Have to find another solution.

farbar

You didn't mentioned the popups in your first post. The scan log was showing some infected files in user Temp folder and in restore volume. So I got the impression that the source of infection is removed and the left overs ware just to be removed to prevent the regeneration. Any way the source of the infection should be find and removed. If you still need assistance in that let me know.