bit defender won't remove Generic.XPL.ADODB
Hello.
A late scan revealed that I have been infected with Generic.XPL.ADODB which might be a trojan. The problem is BD can't remove it !!! I'm using BD Professional Plus 9 . Here's the summary of the scan report.
The two guilty items are Generic.XPL.ADODB.D3B8258F and Generic.XPL.ADODB.566EA48F .
Thank you.
C:\Program Files\Fichiers communs\Wise Installation Wizard\WISDAD6F5095DCA48868EA9A4F6B157CBAC_1_1_2.MSI=>(Embedded CAB)=>PhilipsModemSettings.js Infecté avec: Generic.XPL.ADODB.566EA48F
C:\Program Files\Fichiers communs\Wise Installation Wizard\WISDAD6F5095DCA48868EA9A4F6B157CBAC_1_1_2.MSI=>(Embedded CAB)=>PhilipsModemSettings.js Désinfection impossible
C:\Program Files\Fichiers communs\Wise Installation Wizard\WISDAD6F5095DCA48868EA9A4F6B157CBAC_1_1_2.MSI=>(Embedded CAB)=>PhilipsModemSettings.js Déplacement impossible
C:\Program Files\Fichiers communs\Wise Installation Wizard\WISDAD6F5095DCA48868EA9A4F6B157CBAC_1_1_2.MSI=>(Embedded CAB)=>fwgetfile.js Infecté avec: Generic.XPL.ADODB.D3B8258F
C:\Program Files\Fichiers communs\Wise Installation Wizard\WISDAD6F5095DCA48868EA9A4F6B157CBAC_1_1_2.MSI=>(Embedded CAB)=>fwgetfile.js Désinfection impossible
C:\Program Files\Fichiers communs\Wise Installation Wizard\WISDAD6F5095DCA48868EA9A4F6B157CBAC_1_1_2.MSI=>(Embedded CAB)=>fwgetfile.js Déplacement impossible
Comments
-
Hello.
As the name says, Generic.XPL.ADODB is a generic detection, which means that I can't offer details without looking at the files. The disinfection fails because they are inside a MSI (Microsoft Installer) archive, which is a proprietary format and disinfection would mean to unpack, remove the files and repack the files, which is both complicated (given that it's a proprietary format) and risky (since it's an install kit and removing files from it will probably render it unusable). The best thing you could do is to send me a PM (Private Message) with the install kit (C:\Program Files\Fichiers communs\Wise Installation Wizard\WISDAD6F5095DCA48868EA9A4F6B157CBAC_1_1_2.MSI) attached so that I can take a look at it and get back to you.0 -
Many thanks. I will send you the 2 items this evening.
Indeed you're right. It seems they are involved in the install kit related to an Internet TV Service Provider called Balgacom TV that I installed one month ago. I'm not the only one having this : http://www.commentcamarche.net/forum/affic...ojan-peed-gen#60 -
Ok, I will take care of it tomorrow.
0 -
Detection has been removed from the files and they should not be detected after the next update. If you still have problems, don't hesitate to PM me.
0 -
Huh thank you. I didn't know you were working for BD directly..
The same type of Trojan has been appearing in MyTemporaryInternetFiles directory lately but BD managed to move it to quarantine and I sent them to the BD lab.
I'll keep you informed if they show up again.0 -
Cd-MaN--
I have the same (or similar) infection--but not in an install archive, rather in my internet cache. Any chance I can get your help?
I am running BD v10...
Thanks!
//mjb0 -
Hi mjbrej
Normally when you clear all temp internet files then it must be deleted. Do this in safe mode if you don't want to temporary disable the realtime protection of BitDefender. To restart your pc in safe press several times on the f8 button choose for safe mode. Now open IE or any other browser go to tools,internet options,clear temp files and check also the option all offline-files. Reboot your pc again and see if it's still being detected.
Regards
Niels0 -
Hi there i would just like to say i have the same problem!. i only recently installed bitdefender internet security 2008 and the first thorough scan i ran on my pc picked up quite a few bits of malicious software that other anti viruses did not. I have managed to get rid of most of them but i am stuck with two threats that my BD cannot delete and that i cannot physically delete and i have tried everything to the best of my ability. One of the threats BD has picked up on is DeepScan:Generic.Malware.WX.60B70C16 which is embedded in my c/program files/common files/Wise...tBios.dll.A9CE7C1B_EC7A_4047_B91E_57C6FC288Bcc in have looked at where it is and yes it is in a windows installer package. I had thought of completely deleting that file with some hard core software i got but thought better of it. The other threat my BD picked up on is Generic.XPL.llS.5F96B2DF which again is also embedded in the same windows installer package which is c/program files/common files/wise...tHttp.dll.A9CE7C1B_EC7A_4047_B91E_57C6FC288BCC. The operating system i am using is windows vista home premium edition. Please please please can someone help as it is doing my head in and i know i won't be abletorelax until i believe my computer is clean. Thank you.
0 -
Hello jobsafish
This could be a false positiv. Can you please post the entire path? Press on the history link on the main screen of BitDefender double click on the reference scan finished. More info there you will find the location. I suggest that you temporary exclude this location X:\Program Files\Common Files in the antivirus section. To get there press on settings,antivirus,exceptions,and press on the add button. Now archive the installerpackage with the follow password infected and add it to your next reply to do so add new reply press on browse and navigate to the location of the archive press on upload. There is a 2 mb upload limit.
I suggest that you send it also to virus_submission@bitdefender.com
Regards
Niels0 -
Hello jobsafish
This could be a false positiv. Can you please post the entire path? Press on the history link on the main screen of BitDefender double click on the reference scan finished. More info there you will find the location. I suggest that you temporary exclude this location X:\Program Files\Common Files in the antivirus section. To get there press on settings,antivirus,exceptions,and press on the add button. Now archive the installerpackage with the follow password infected and add it to your next reply to do so add new reply press on browse and navigate to the location of the archive press on upload. There is a 2 mb upload limit.
I suggest that you send it also to virus_submission@bitdefender.com
Regards
Niels
Hi Niels
I would just like to say thank you for your help and advice!, but i did actually sort the problem out that i had, so no probs!. My last bit defender scan came up clean, so all is good!!. Long live bitdefender and thanks again and keep up the good work!!.
regards
jobsafish0 -
Hello jobsafish
Good to hear that your problem is solved. Glad that I could help you.
Best regards
Niels0 -
I am new to the forum but have been using Bit Defender for about 6 months. I am having a similar problem with trying to remove the Generic.Peed.EML virus. Bit Defender locates it durng a scan but is unable to remove it of move it. The virus is located as follows: d:\backup\documents and settings\mike\local settings\application data\ident.
I tried rebooting my system (XP) in the Safe Mode with Networking which is how I was finally able to remove the last virus. However, I am now getting a message on a blue screen telling me that there is a problem and windows has shut down. I suspect the virus is somehow preventing me from getting into the safe mode with newtwoking.
This is the second time in three months that a virus has gotten through BT which makes me question its value.
Any help would be greatly appreciated.0