Fakealert.abz
Ran a virus scan this morning,check out the below scan reprot:
//-----------------------------------------------------------------
//
// ProductBitDefender Internet Security v10
// Product10.2
//
// Created on: 04/10/2008 07:47:13
//
//-----------------------------------------------------------------
Virus Statistics
Scan path : C:\
Folders : 7851
Files : 384081
Memory processes scanned : 0
Archives : 3988
Runtime packers : 13731
Identified viruses : 2
Infected files : 2
Memory processes infected : 0
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 1
Moved files : 0
I/O errors : 30
Scan time : 01:03:33
Scan speed (files/sec) : 100
Spyware Statistics
Registry keys scanned : 0
Registry keys infected : 0
Cookies scanned : 0
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 0
Virus definitions : 1834519
Scan plugins : 16
Archive plugins : 43
Unpack plugins : 7
Mail plugins : 6
System plugins : 4
Virus scan options
Detection
[X] Scan boot sectors
[X] Memory Processes
[X] Scan archives
[X] Scan runtime packers
[X] Scan email
File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;
Action
Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user
Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user
Virus scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\full_scan\1223099233.log
Spyware scan options
[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies
Summary:
C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\09\02\502.mbs=>(message 0)=>[subject: Tracking N 9322812581][Date: Tue, 02 Sep 2008 10:44:25 +0200]=>(MIME part)=>TR87190-18721.doc.zip=>TR87190-18721.doc.exe Infected: Trojan.Spy.ZBot.KW
C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\09\02\502.mbs=>(message 0)=>[subject: Tracking N 9322812581][Date: Tue, 02 Sep 2008 10:44:25 +0200]=>(MIME part)=>TR87190-18721.doc.zip=>TR87190-18721.doc.exe Deleted
C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\09\02\502.mbs=>(message 0)=>[subject: Tracking N 9322812581][Date: Tue, 02 Sep 2008 10:44:25 +0200]=>(MIME part)=>TR87190-18721.doc.zip Archive repacking successfully completed (actions successfully applied)
C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\09\02\502.mbs=>(message 0)=>[subject: Tracking N 9322812581][Date: Tue, 02 Sep 2008 10:44:25 +0200]=>(MIME part) Archive repacking successfully completed (actions successfully applied)
C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\09\02\502.mbs=>(message 0) Archive repacking successfully completed (actions successfully applied)
C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\09\02\502.mbs Archive repacking successfully completed (actions successfully applied)
C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\10\03\519.mbs=>(message 0)=>[subject: Mad dreams about love.][Date: Fri, 03 Oct 2008 19:33:50 +0200]=>(MIME part)=>Late.Night.rar=>Late.Night.CamRip.###ual.Blondy.****.And.######.avi.exe Infected: Trojan.FakeAlert.ABZ
C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\10\03\519.mbs=>(message 0)=>[subject: Mad dreams about love.][Date: Fri, 03 Oct 2008 19:33:50 +0200]=>(MIME part)=>Late.Night.rar=>Late.Night.CamRip.###ual.Blondy.****.And.######.avi.exe Disinfection failed
C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\10\03\519.mbs=>(message 0)=>[subject: Mad dreams about love.][Date: Fri, 03 Oct 2008 19:33:50 +0200]=>(MIME part)=>Late.Night.rar=>Late.Night.CamRip.###ual.Blondy.****.And.######.avi.exe Move failed
I deleted the second e-mail infected with FakeAlert.ABZ and ran a second scan.
The scan tels me that the message and trojan are still there.
Any ideas on how to remove the trojan?
Thanks,
Chris
Comments
-
Didi you empty the trash ?!
0 -
Didi you empty the trash ?!
Hi Crysty2k5,
My girl freind uses opera,and I am not to familiar with it.
I told windows explorer to show hidden files,and was able to browse
to offending e-mail using the location provided in the scan report.
I deleted the infected message,and ran a scan of the opera folder,
and the documents and setting folder.The scan detected no problems.
Looks like the problem is fixed.
I will run a deep system scan in the morning,and if I need further assistance,
I will let you know.
Thanks for the help,
Chris0 -
Good job !
0