Virus Infection. No Action Is Possible

I ran a deep scan and i found that i got infected with these 2 viruses


Behaveslike:Win32.IRC-backdoor


Deepscan: Generic.Malware.SI!Bprng.9059080D7


it is infected in C:/windows/service.exe


it also says no action possible


wat shud i do?

Comments

  • These two detections are based on heuristic scanning.


    Please put the detected files in a password-protected ZIP archive (with the password infected) and attach the archive to your next post.


    One of our Virus Analysts will take a look at the files and tell you what to do.


    Cris.

  • BlueeMist
    edited August 2008

    hi


    thanks alot for replying...


    i went to manually removed the file service.exe some time earlier bcos i was too anxious to get rid of the virus.


    (pardon my ignorance.. i am not good with computers)


    have i done the wrong step?


    please advice. thx again

  • Please attach the scan log file, to see what other files were detected. As far as I'm told, both detections that you posted cannot be on only one file.


    To find the log, open BitDefender, go to Antivirus -> Scan, right click the task, select Logs, open the last log. A Internet Explorer window will open. Find the file which is listed in IEs Address Bar (that is the scan log), and attach it.


    Cris.

  • Ok, as far as I can see, the second log is clean.


    But there are some observations I'd like to make:


    - in the first log, the file that you pointed in the first post is not mentioned. How did you know what file you're looking for?


    - in the second log, I see that BD has detected (and probably corrupted) some backup files. This happened because the backup program that you used probably used a hiding technique that's used by rootkits to hide themselves, and BD thought that the backups were malware. Since you are using such backup applications, I'd suggest that you edit the scan options so that anti-rootkit scan won't take any automated actions on detected files (instead, it should ask you what to do). It's safer this way.


    Cris.

  • hi thx for replying


    thx alot for the advice as well


    In the step 2 of 3 for the deep scan, it says that the virus is infected in the file C:/windows/service.exe and i went to locate the file and delete it manually.


    after the deep scans, does it mean that my computer is clean now?

  • As far as I can see in the logs, yes, it's clean. If you have other symptoms, or if the detected file re-appears, post back on the forum :)


    Cris.

  • ok sure


    thanks alot! :)

  • You're welcome. :)