Fakealert.abz

p-39driver
p-39driver
in Malware talk

Ran a virus scan this morning,check out the below scan reprot:


//-----------------------------------------------------------------


//


// ProductBitDefender Internet Security v10


// Product10.2


//


// Created on: 04/10/2008 07:47:13


//


//-----------------------------------------------------------------


Virus Statistics


Scan path : C:\


Folders : 7851


Files : 384081


Memory processes scanned : 0


Archives : 3988


Runtime packers : 13731


Identified viruses : 2


Infected files : 2


Memory processes infected : 0


Suspect files : 0


Warnings : 0


Disinfected files : 0


Deleted files : 1


Moved files : 0


I/O errors : 30


Scan time : 01:03:33


Scan speed (files/sec) : 100


Spyware Statistics


Registry keys scanned : 0


Registry keys infected : 0


Cookies scanned : 0


Cookies infected : 0


Spyware files infected : 0


Spyware threats detected : 0


Virus definitions : 1834519


Scan plugins : 16


Archive plugins : 43


Unpack plugins : 7


Mail plugins : 6


System plugins : 4


Virus scan options


Detection


[X] Scan boot sectors


[X] Memory Processes


[X] Scan archives


[X] Scan runtime packers


[X] Scan email


File mask


[ ] Programs


[X] All files


[ ] User defined extensions:


[ ] Exclude extensions: ;


Action


Infected objects


[ ] Ignore


[X] Disinfect


[ ] Delete


[ ] Move to quarantine


[ ] Prompt user


Second action


[ ] Ignore


[ ] Delete


[X] Move to quarantine


[ ] Prompt user


Virus scan options


[X] Enable warnings


[X] Enable heuristics


[ ] Show all files in log


[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\full_scan\1223099233.log


Spyware scan options


[X] Scan for riskware


[ ] Skip dial and applications from scan


[X] Registry keys


[X] Cookies


Summary:


C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\09\02\502.mbs=>(message 0)=>[subject: Tracking N 9322812581][Date: Tue, 02 Sep 2008 10:44:25 +0200]=>(MIME part)=>TR87190-18721.doc.zip=>TR87190-18721.doc.exe Infected: Trojan.Spy.ZBot.KW


C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\09\02\502.mbs=>(message 0)=>[subject: Tracking N 9322812581][Date: Tue, 02 Sep 2008 10:44:25 +0200]=>(MIME part)=>TR87190-18721.doc.zip=>TR87190-18721.doc.exe Deleted


C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\09\02\502.mbs=>(message 0)=>[subject: Tracking N 9322812581][Date: Tue, 02 Sep 2008 10:44:25 +0200]=>(MIME part)=>TR87190-18721.doc.zip Archive repacking successfully completed (actions successfully applied)


C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\09\02\502.mbs=>(message 0)=>[subject: Tracking N 9322812581][Date: Tue, 02 Sep 2008 10:44:25 +0200]=>(MIME part) Archive repacking successfully completed (actions successfully applied)


C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\09\02\502.mbs=>(message 0) Archive repacking successfully completed (actions successfully applied)


C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\09\02\502.mbs Archive repacking successfully completed (actions successfully applied)


C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\10\03\519.mbs=>(message 0)=>[subject: Mad dreams about love.][Date: Fri, 03 Oct 2008 19:33:50 +0200]=>(MIME part)=>Late.Night.rar=>Late.Night.CamRip.###ual.Blondy.****.And.######.avi.exe Infected: Trojan.FakeAlert.ABZ


C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\10\03\519.mbs=>(message 0)=>[subject: Mad dreams about love.][Date: Fri, 03 Oct 2008 19:33:50 +0200]=>(MIME part)=>Late.Night.rar=>Late.Night.CamRip.###ual.Blondy.****.And.######.avi.exe Disinfection failed


C:\Documents and Settings\chris\Application Data\Opera\Opera\mail\store\account2\2008\10\03\519.mbs=>(message 0)=>[subject: Mad dreams about love.][Date: Fri, 03 Oct 2008 19:33:50 +0200]=>(MIME part)=>Late.Night.rar=>Late.Night.CamRip.###ual.Blondy.****.And.######.avi.exe Move failed


I deleted the second e-mail infected with FakeAlert.ABZ and ran a second scan.


The scan tels me that the message and trojan are still there.


Any ideas on how to remove the trojan?


Thanks,


Chris

Comments

  • rootkit
    rootkit ✭✭✭

    Didi you empty the trash ?!

  • p-39driver
    p-39driver
    Didi you empty the trash ?!


    Hi Crysty2k5,


    My girl freind uses opera,and I am not to familiar with it.


    I told windows explorer to show hidden files,and was able to browse


    to offending e-mail using the location provided in the scan report.


    I deleted the infected message,and ran a scan of the opera folder,


    and the documents and setting folder.The scan detected no problems.


    Looks like the problem is fixed.


    I will run a deep system scan in the morning,and if I need further assistance,


    I will let you know.


    Thanks for the help,


    Chris

  • rootkit
    rootkit ✭✭✭

    Good job ! :)

All Time Leaders

Categories

Defenders of the month