warezov.xm.m

Hi ashevat

try this boot your pc into safe mode by pressing several times on the f8 button before the windows loadingscreen and choose for safe mode. Then go to start,run,at the run dialog box type cmd then press enter. Type the follow commands each followed by pressing on enter :

%SystemDrive%

cd %ProgramFiles%Common FilesSoftwinBitDefender Scan Server

Here are the commands what you wanted to do with the infected files :

To disinfect the infected files type the command:

bdc /files /boot /arc /mail /log=bdcscan.log /fixed /dis

To quarantine the infected files type the command:

bdc /files /boot /arc /mail /log=bdcscan.log /fixed /move /moves

To delete the infected files type the command:

bdc /files /boot /arc /mail /log=bdcscan.log /fixed /del

Regards

Niels

I will move this topic to a more appropriate forumsection.

That was gladly done.

Regards

Niels

Win32.Warezov.XM.m is the actual mail which carries the Warezov worm. You may not be infected yet; it is however present in one of the mails you have received. Try disabling the virus shield, deleting all unknown/unrequested mails (with attachments) which you have received CAREFUL NOT TO OPEN THE ATTACHMENTS, and then re-enabling the virus shield.

I actually tried doing this but the only reference by Bitdefender is to the email message #, without the email message subject or from address listed. Eudora does not have a way to look at messages by number. I will try to go through and try to delete more emails but I have several thousand.

Thanks for your help.

I am having the same problem. I have 2 instances of warezov.xm.m in my eudora files that bitdefender can not remove. It says disinfect failed, rename failed, move failed each time I run the virus scan. I tried your removal instructions but when I go to the cmd dialog box, it can not find the folder BitDefender Scan Server.

Bitdefender is in this location on my computer:

C:\Program Files\Softwin\BitDefender10

And in the folder are these subfolders:

_enHTML

Ini

Lang

Logs

NAG

Quarantine

******

Skin

Let me know if you have an advice on how I should try to remove this instance of warezov. Thanks for your time.

The scan server is in this path: C:\program files\common files\softwin\bitdefender scan server. I too had a problem running this command line: cd %ProgramFiles%Common FilesSoftwinBitDefender Scan Server. I had to break things down and change directories one at a time. Try doing this and see if it works:

Start your PC is safe mode

Go to start...run...type in cmd in the dialog box and then press enter

Then type %SystemDrive% and press enter

Then type cd %ProgramFiles% and press enter

Now type cd Common Files and press enter

Type cd Softwin and press enter

Type cd BitDefender Scan Server and press enter

type bdc.exe and press enter.

This should start up the scan module. You can now type in one of the following command lines, depending on what you want to do, and hit enter. This should start a scan in safe mode.

To disinfect the infected files type the command:

bdc /files /boot /arc /mail /log=bdcscan.log /fixed /dis

To quarantine the infected files type the command:

bdc /files /boot /arc /mail /log=bdcscan.log /fixed /move /moves

To delete the infected files type the command:

bdc /files /boot /arc /mail /log=bdcscan.log /fixed /del

To be prompted on what to do with infected files found type the command

bdc /files /boot /arc /mail /log=bdcscan.log /fixed /prompt

Maybe this will save you from having to go through all your emails

The messages aren't stored individually, but in something resembling an archive. And the format of the mail inbox "archives" is not officially made public, so removing files from them is risky. It's also pretty difficult to link the files to the mail details (sender, subject, etc.). And of course the numbering doesn't match.

For Win32.Warezov.XM.m in particular, the mail body should contain the phrase: "Our robot has fixed an abnormal" (without quotes), which should help you find it.