Adware.Hechta.A

cjuiping@yahoo.com.sg

Did a scan with BitDefender Ver. 10 and found this virus "Adware.Hechta.A" that is unable to be remove. Anyone can advise what does this virus do and how it can be removed?

The following is the report for the virus

//-----------------------------------------------------------------

//

// ProductBitDefender Antivirus Plus v10

// Product10.2

//

// Created on: 22/05/2007 00:32:47

//

//-----------------------------------------------------------------

Virus Statistics

Scan path : C:\

\

Folders : 6161

Files : 509358

Memory processes scanned : 29

Archives : 10264

Runtime packers : 51350

Identified viruses : 1

Infected files : 1

Memory processes infected : 0

Suspect files : 0

Warnings : 0

Disinfected files : 0

Deleted files : 0

Moved files : 0

I/O errors : 52

Scan time : 01:01:08

Scan speed (files/sec) : 138

Spyware Statistics

Registry keys scanned : 1909

Registry keys infected : 0

Cookies scanned : 86

Cookies infected : 0

Spyware files infected : 0

Spyware threats detected : 0

Virus definitions : 555068

Scan plugins : 16

Archive plugins : 41

Unpack plugins : 6

Mail plugins : 6

System plugins : 5

Virus scan options

Detection

[X] Scan boot sectors

[X] Memory Processes

[X] Scan archives

[X] Scan runtime packers

[X] Scan email

File mask

[ ] Programs

[X] All files

[ ] User defined extensions:

[ ] Exclude extensions: ;

Action

Infected objects

[ ] Ignore

[X] Disinfect

[ ] Delete

[ ] Move to quarantine

[ ] Prompt user

Second action

[ ] Ignore

[ ] Delete

[X] Move to quarantine

[ ] Prompt user

Virus scan options

[X] Enable warnings

[X] Enable heuristics

[ ] Show all files in log

[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1179765167.log

Spyware scan options

[X] Scan for riskware

[ ] Skip dial and applications from scan

[X] Registry keys

[X] Cookies

Summary:

C:\Program Files\Oberon Media\Cake Mania\SlgClientServicesRedists.exe=>(Instyler o)=>(Instyler Module 0)=>(Embedded EXE o) Detected: Adware.Hechta.A

C:\Program Files\Oberon Media\Cake Mania\SlgClientServicesRedists.exe=>(Instyler o)=>(Instyler Module 0)=>(Embedded EXE o) Disinfection failed

C:\Program Files\Oberon Media\Cake Mania\SlgClientServicesRedists.exe=>(Instyler o)=>(Instyler Module 0)=>(Embedded EXE o) Move failed

Niels

Hi Jenny

I suggest that you try this. Reboot your pc and press several times on the F8 button before the windows loadscreen and choose for safe mode. After that go to start,run,at the run dialog box type cmd press enter. Then type the follow commands:

%SystemDrive% press on enter

cd %ProgramFiles%Common FilesSoftwinBitDefender Scan Server press on enter

Here are the commands what BitDefender must do with the infected files:

To disinfect the infected files type the command:

bdc /files /boot /arc /mail /log=bdcscan.log /fixed /dis

To quarantine the infected files type the command:

bdc /files /boot /arc /mail /log=bdcscan.log /fixed /move /moves

To delete the infected files type the command:

bdc /files /boot /arc /mail /log=bdcscan.log /fixed /del

You also have to press on enter.

Regards

Niels

alexcrist

@Niels: that won't work. As you can see, the virus is inside an installer. Scanning in Safe Mode will have the same result: Move failed

@Jenny: Do you know what application is that (Oberon Media)? If you do, and you trust it, then it might be a false positive. In this case, put the file SlgClientServicesRedists.exe in a zip file protected by the password infected and attach it to the next post here. A Virus Researcher will take a look at it, and remove the detection if necessary.

If you don't know that application, you can just delete that file (SlgClientServicesRedists.exe).

Cris.

Niels

@Cris: You are right. I didn't look carefully

I did some research and it seems a legit file. Take a look here : http://www.siteadvisor.com/sites/ninemsn.c...nloads/2836604/

So follow Cris suggestions.