I Need Help

northbaymotors

I cannot figure out how to get rid of these trojans.

BitDefender Log File !!!!!

Product : BitDefender Total Security 2008

Version : BitDefender UIScanner v.11

Log date : 13:57:34 01/02/2008

Log path : C:\Documents and Settings\Dave Mason Jr\Application Data\BitDefender\Desktop\Profiles\Logs\contextual\1201892254_1_02.xml

Scan Paths:Path0000: C:\Documents and Settings\__sbs_netsetup__\Local Settings\Application Data\Microsoft\Outlook\outlook.ost

Scan Options:Scan for viruses : Yes

Scan for adware : Yes

Scan for spyware : Yes

Scan for applications : Yes

Scan for dialers : Yes

Scan for rootkits : No

Target selection options:Scan registry keys : No

Scan cookies : No

Scan boot sectors : No

Scan memory processes : No

Scan archives : Yes

Scan runtime packers : Yes

Scan emails : Yes

Scan all files : Yes

Heuristic Scan : Yes

Scanned extensions :

Excluded extensions :

Target ProcessingDefault action for infected objects : Disinfect

Default action for suspicious objects : None

Default action for hidden objects : None

Scan engines summaryNumber of virus signatures : 978586

Archive plugins : 41

Email plugins : 6

Scan plugins : 12

Archive plugins : 41

System plugins : 4

Unpack plugins : 7

Overall scan summaryScanned items : 813

Infected items : 9

Suspicious items : 0

Resolved items : 0

Individual viruses found : 5

Scanned directories : 0

Scanned boot sectors : 0

Scanned archives : 6

Input-output errors : 0

Scan time : 00:00:00:11

Files per second : 73

Scanned processes summaryScanned : 0

Infected : 0

Scanned registry keys summaryScanned : 0

Infected : 0

Scanned cookies summaryScanned : 0

Infected : 0

Remaining issues:Object Name Threat Name Final Status

C:\Documents and Settings\__sbs_netsetup__\Local Settings\Application Data\Microsoft\Outlook\outlook.ost=][subject: [bulk] When I'm With You][From: Ortiz Paulina]=]Greeting Card.exe Trojan.Downloader.Bai.DAM Delete Failed (file was in an archive)

C:\Documents and Settings\__sbs_netsetup__\Local Settings\Application Data\Microsoft\Outlook\outlook.ost=][subject: [bulk] I Love You Soo Much][From: Acosta L. Amelia]=]greeting card.exe Trojan.Peed.AG Disinfect Failed

C:\Documents and Settings\__sbs_netsetup__\Local Settings\Application Data\Microsoft\Outlook\outlook.ost=][subject: [bulk] Romantic Picnic Coupon][From: Romeo T. Coffman]=]Greeting Card.exe Trojan.Peed.Gen Disinfect Failed

C:\Documents and Settings\__sbs_netsetup__\Local Settings\Application Data\Microsoft\Outlook\outlook.ost=][subject: [bulk] Between Us][From: Carrie]=]flash postcard.exe Trojan.Peed.Gen Disinfect Failed

C:\Documents and Settings\__sbs_netsetup__\Local Settings\Application Data\Microsoft\Outlook\outlook.ost=][subject: [bulk] I'll Be Your Man][From: Flossie House]=]Flash Postcard.exe Win32.Banwarum.U@mm Delete Failed (file was in an archive)

C:\Documents and Settings\__sbs_netsetup__\Local Settings\Application Data\Microsoft\Outlook\outlook.ost=][subject: [bulk] The Time for Love][From: Deleon]=]greeting card.exe Win32.Zhelatin.H@mm Delete Failed (file was in an archive)

C:\Documents and Settings\__sbs_netsetup__\Local Settings\Application Data\Microsoft\Outlook\outlook.ost=][subject: [bulk] My Love][From: Chandler B. Stanislas]=]greeting card.exe Win32.Zhelatin.H@mm Delete Failed (file was in an archive)

C:\Documents and Settings\__sbs_netsetup__\Local Settings\Application Data\Microsoft\Outlook\outlook.ost=][subject: [bulk] A Hug & Roses][From: crosstown]=]flash postcard.exe Win32.Zhelatin.H@mm Delete Failed (file was in an archive)

C:\Documents and Settings\__sbs_netsetup__\Local Settings\Application Data\Microsoft\Outlook\outlook.ost=][subject: [bulk] Hand in Hand][From: Simpson Harriet]=]Flash Postcard.exe Win32.Zhelatin.H@mm Delete Failed (file was in an archive)

Resolved issues:Object Name Threat Name Final Status

northbaymotors

I deleted the Outlook.Ost file and ran a full system scan. The trojans did not show up again. I am going to run a deep system scan tonite. I also went into regedit and deleted wincom32.sys, wincom32.ini, and alsys.exe. Do you think this has completely solved the problem?

Cd-MaN

If the deep scan doesn't pick up anything, then most probably yes. Generally speaking when e-mails are found to be infected you can do the following:

- Deactivate the real-time protection

- Browse to the folder the e-mails were found it (do not open them!)

- Delete the e-mails (you can find them by subject)

- "Compact" the folder (this applies to Thunderbird, I don't know if Outlook / OE has a similar feature)

- Reactiveate the real-time protection

This way you don't have to delete the entire folder.

Best regards.