warezov.xm.m
Deep scan cannot remove win32.warezov.XM.m
It cannot disinfect or move.
No removal tool available
Any advise?
Comments
-
Hi ashevat
try this boot your pc into safe mode by pressing several times on the f8 button before the windows loadingscreen and choose for safe mode. Then go to start,run,at the run dialog box type cmd then press enter. Type the follow commands each followed by pressing on enter :
%SystemDrive%
cd %ProgramFiles%Common FilesSoftwinBitDefender Scan Server
Here are the commands what you wanted to do with the infected files :
To disinfect the infected files type the command:
bdc /files /boot /arc /mail /log=bdcscan.log /fixed /dis
To quarantine the infected files type the command:
bdc /files /boot /arc /mail /log=bdcscan.log /fixed /move /moves
To delete the infected files type the command:
bdc /files /boot /arc /mail /log=bdcscan.log /fixed /del
Regards
Niels
I will move this topic to a more appropriate forumsection.0 -
Thanks
a lotHi ashevat
try this boot your pc into safe mode by pressing several times on the f8 button before the windows loading screen and choose for safe mode. Then go to start,run,at the run dialog box type cmd then press enter. Type the follow commands each followed by pressing on enter :
%SystemDrive%
cd %ProgramFiles%Common FilesSoftwinBitDefender Scan Server
Here are the commands what you wanted to do with the infected files :
To disinfect the infected files type the command:
bdc /files /boot /arc /mail /log=bdcscan.log /fixed /dis
To quarantine the infected files type the command:
bdc /files /boot /arc /mail /log=bdcscan.log /fixed /move /moves
To delete the infected files type the command:
bdc /files /boot /arc /mail /log=bdcscan.log /fixed /del
Regards
Niels
I will move this topic to a more appropriate forum section.0 -
That was gladly done.
Regards
Niels0 -
I am having the same problem. I have 2 instances of warezov.xm.m in my eudora files that bitdefender can not remove. It says disinfect failed, rename failed, move failed each time I run the virus scan. I tried your removal instructions but when I go to the cmd dialog box, it can not find the folder BitDefender Scan Server.
Bitdefender is in this location on my computer:
C:\Program Files\Softwin\BitDefender10
And in the folder are these subfolders:
_enHTML
Ini
Lang
Logs
NAG
Quarantine
******
Skin
Let me know if you have an advice on how I should try to remove this instance of warezov. Thanks for your time.0 -
Win32.Warezov.XM.m is the actual mail which carries the Warezov worm. You may not be infected yet; it is however present in one of the mails you have received. Try disabling the virus shield, deleting all unknown/unrequested mails (with attachments) which you have received CAREFUL NOT TO OPEN THE ATTACHMENTS, and then re-enabling the virus shield.
0 -
Do also this Open outlook and delete the infected mail. Then empty your deleted items folder. After that go to file, data file management ,select the current mail archive,Setting ,Compact Now. Because it could be that the mail is already archived. Normally you don't get any warnings from BitDefender. If you never compacted your mails then it isn't necessary to do.
0 -
I actually tried doing this but the only reference by Bitdefender is to the email message #, without the email message subject or from address listed. Eudora does not have a way to look at messages by number. I will try to go through and try to delete more emails but I have several thousand.
Thanks for your help.0 -
You can focus on the ones which have an attachment, because the mail should have one.
0 -
I am having the same problem. I have 2 instances of warezov.xm.m in my eudora files that bitdefender can not remove. It says disinfect failed, rename failed, move failed each time I run the virus scan. I tried your removal instructions but when I go to the cmd dialog box, it can not find the folder BitDefender Scan Server.
Bitdefender is in this location on my computer:
C:\Program Files\Softwin\BitDefender10
And in the folder are these subfolders:
_enHTML
Ini
Lang
Logs
NAG
Quarantine
******
Skin
Let me know if you have an advice on how I should try to remove this instance of warezov. Thanks for your time.
The scan server is in this path: C:\program files\common files\softwin\bitdefender scan server. I too had a problem running this command line: cd %ProgramFiles%Common FilesSoftwinBitDefender Scan Server. I had to break things down and change directories one at a time. Try doing this and see if it works:
Start your PC is safe mode
Go to start...run...type in cmd in the dialog box and then press enter
Then type %SystemDrive% and press enter
Then type cd %ProgramFiles% and press enter
Now type cd Common Files and press enter
Type cd Softwin and press enter
Type cd BitDefender Scan Server and press enter
type bdc.exe and press enter.
This should start up the scan module. You can now type in one of the following command lines, depending on what you want to do, and hit enter. This should start a scan in safe mode.
To disinfect the infected files type the command:
bdc /files /boot /arc /mail /log=bdcscan.log /fixed /dis
To quarantine the infected files type the command:
bdc /files /boot /arc /mail /log=bdcscan.log /fixed /move /moves
To delete the infected files type the command:
bdc /files /boot /arc /mail /log=bdcscan.log /fixed /del
To be prompted on what to do with infected files found type the command
bdc /files /boot /arc /mail /log=bdcscan.log /fixed /prompt
Maybe this will save you from having to go through all your emails0 -
I have the same problem:
I'm getting hits for infected portions of my email mailboxes in Outlook and Eudora. These are text/html files and the attached files have been separately scanned and infected one's deleted. Why cant Bitdefender
strip out or give more location detail so that I can manually remove the text/html section that's triggering the alerts. All it does is say Disinfection failed, Move failed. Eudora and Outlook are both not running so why can't it move them to quarantine. I would delete these, but I have alot of important emails in there going back a couple of years!
With just the message number if nearly impossible to find them in Outlook or Eudora as they don't seem to number them in the way that Bitdefender is. It would be nice to have a debug view to see what triggers the alerts in the html/text based mailboxes.
Thanks,
-LeeYou can focus on the ones which have an attachment, because the mail should have one.0 -
The messages aren't stored individually, but in something resembling an archive. And the format of the mail inbox "archives" is not officially made public, so removing files from them is risky. It's also pretty difficult to link the files to the mail details (sender, subject, etc.). And of course the numbering doesn't match.
For Win32.Warezov.XM.m in particular, the mail body should contain the phrase: "Our robot has fixed an abnormal" (without quotes), which should help you find it.0 -
Thanks for your help Vlad. I found a message with that quote in it, it came from a hockey team's media press release. Did not even take a look at the email, just deleted it from the archive. I will do another scan to see if that removed it.
One more question, I went through my 20100 message email archive and deleted all but 2 of the emails that were popping up BitDefender warnings. One was the Warezov.XM.m that I deleted above, the second is an instance of Generic.Peed.EML.E9F54501. It references message number 19683 on Eudora, which of course I can not find.
If you have any information about what an email with Generic.Peed.EML.E9F54501 might contain, or any idea of how to remove it, let me know.0