4 replies to this topic

[skyhigh]

Hi guys, Scanned my computer last night with bit defender and found some malware, however i cannot delete it! I have also tried spybot, and am running eset online scanner as we speak Here is the log from BD: Product : BitDefender Total Security 2009 Version : BitDefender UIScanner v.12 Scanning task : Deep System Scan Log date : 03/10/2009 11:42:18 Log path : C:\ProgramData\BitDefender\Desktop\Profiles\Logs\deep_scan\1254566538_1_02.xml Scan Paths:Path 0000: C:\ Path 0001: E:\ Scan Options:Scan for viruses : Yes Scan for adware : Yes Scan for spyware : Yes Scan for applications : Yes Scan for dialers : Yes Scan for rootkits : Yes Target Selection Options:Scan registry keys : Yes Scan cookies : Yes Scan boot sectors : Yes Scan memory processes : Yes Scan archives : Yes Scan runtime packers : Yes Scan emails : No Scan all files : Yes Heuristic Scan : Yes Scanned extensions : Excluded extensions : Target Processing:Default action for infected objects : Disinfect Default action for suspicious objects : None Default action for hidden objects : None Default action for encrypted infected objects : None Default action for encrypted suspicious objects : None Default action for password-protected objects : Log as not scanned Scan engines summaryNumber of virus signatures : 4310033 Archive plugins : 44 Email plugins : 6 Scan plugins : 13 System plugins : 5 Unpack plugins : 8 Overall scan summaryScanned items : 69028 Infected items : 1 Suspicious items : 0 Resolved items : 0 Unresolved items : 7 Password-protected items : 6 Overcompressed items : 0 Individual viruses found : 1 Scanned directories : 26786 Scanned boot sectors : 2 Scanned archives : 389 Input-output errors : 51 Scan time : 00:20:56 Files per second : 53 Scanned processes summaryScanned : 52 Infected : 0 Scanned registry keys summaryScanned : 1015 Infected : 0 Scanned cookies summaryScanned : 1077 Infected : 0 Remaining issues:Object Name Threat Name Final Status [System]=]C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas64-v1_17\plugin_extra.m64 [2192] (full dump) Generic.Malware.K!PV.498577F6 No action was possible Objects that were not scanned:Object Name Reason Final Status C:\Program Files (x86)\Novint\N VeNT\updater.NVeNT.dat=]_TUProj.dat Password-protected Not scanned C:\Program Files (x86)\Novint\N VeNT\updater.NVeNT.dat=]_TUProjDT.dat Password-protected Not scanned C:\Program Files (x86)\Novint\N VeNT\updater.NVeNT.dat=]48_48_final.ico Password-protected Not scanned C:\Program Files (x86)\Novint\N VeNT\updater.NVeNT.dat=]IRIMG1.JPG Password-protected Not scanned C:\Program Files (x86)\Novint\N VeNT\updater.NVeNT.dat=]IRIMG2.JPG Password-protected Not scanned C:\Program Files (x86)\Novint\N VeNT\updater.NVeNT.dat=]IRIMG3.JPG Password-protected Not scanned Any help greatly greatly appriciated, i really need this resolved asap!!!

[Tomk]

Hi skyhigh,



My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. Logs can take a while to research, so please be patient and I'd be grateful if you would note the following:

• I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
• The fixes are specific to your problem and should only be used for the issues on this machine.
• Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
• It's often worth reading through these instructions and printing them for ease of reference.
• If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
• Please reply to this thread. Do not start a new topic.

I'm thinking you've got yourself a false positive based upon there are dozens of bitdefender users that have the same results in the last 3 days.

However, let's get some information and have a look.

• Download DDS and save it to your desktop from
• Here
• here or
• here.
  
  • Disable any script blocking protection (How to Disable your Security Programs)
  • Double click DDS icon to run the tool (may take up to 3 minutes to run)
  • When done, DDS.txt will open.
  • After a few moments, attach.txt will open in a second window.
  • Save both reports to your desktop.
• We Need to check for Rootkits with RootRepeal
  
  • Download RootRepeal from one of the following locations and save it to your desktop.
    
    • Here
    • Here
    • or Here
  • Open on your desktop.
  • Click the tab.
  • Click the button.
  • In the Select Scan dialog, check
    
    
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt.
• Copy/paste the log (that you've previously saved to your desktop) from RootRepeal onto your post.
  
  
• Copy/paste the DDS.txt log (that you've previously saved to your desktop) onto your post.
  
  
• Attach the Attach.txt report to your post by scroling down to the Attachments area and then clicking Browse. Browse to where you saved the file, and click Open and then click UPLOAD.

[skyhigh]

Hi Tom, Thanks alot for looking at this problem, its much appriciated! I just got in from a couple of days away at work! Im going to sleep now, but will do all the listed above tomorrow when i get in from work! (7pm uk time) Thanks again for your time and help!

[Tomk]

[Tomk]

Due to inactivity this topic will be closed. If you need help please start a new thread.