 Need Help With Virus Removal, Gen:Trojan.Heur.P.cm4@carBkrf |
|
|
  |
 Jul 23 2010, 11:08 PM
Post
#1
|
|
|
Newbie Group: Members Posts: 5 Joined: 23-July 10 Member No.: 35,475  |
Bitdefender 2010
MS Windows XP, Home Edition V2 SP3 Desktop HP Pavilion a257c Virus locations: C:\WINDOWS\system32\ernel32.dll C:\WINDOWS\system32\spool\prtprocs\w32x86 computer>properties>"system restore tab" content now looks like the "general" information tab so there is no obvious way to "turn off system restore" CD burner stopped working Flash drive stopped working but now works after running %temp% and deleting temporary files using unlocker 1.8.8 Internet only goes to pop ups I was able to do a deep scan with bitdefender I copied the scan log to word, and then to a flash drive I am very affraid to load it on my laptop, which is what I am using now Thanks |
 |
 
|
|
Jul 24 2010, 08:13 AM
Post
#2
|
|
|
Technical Support  Group: Technical Support Posts: 1,424 Joined: 25-January 10 From: BD HQ Member No.: 30,868 |
Hello mariannegamble,
Can you send me by PM the word file containing the deep scan results? Also run BDSI and GMER and send me by PM the logs. Note: you need to upload the logs to www.sendspace.com or www.rapidshare.com or on any upload site of your choice and send only the links. http://kb.bitdefender.com/KB490-en--The-sy...s-infected.html |
|
|
|
|
Jul 25 2010, 05:17 PM
Post
#3
|
|
|
Technical Support Group: Technical Support Posts: 1,424 Joined: 25-January 10 From: BD HQ Member No.: 30,868 |
2 new files were signed as Trojan.BHO.OHU after analyzing the sent logs:
c:\windows\system32\setqp.dll c:\windows\system32\oetqp.dll Please run a BitDefender deep scan and post here the results Note: make sure your BitDefender is up to date before running the scan. |
|
|
|
|
Jul 27 2010, 12:11 AM
Post
#4
|
|
|
Newbie Group: Members Posts: 5 Joined: 23-July 10 Member No.: 35,475 |
QUOTE (Cristi Raducu @ Jul 25 2010, 01:42 PM)  2 new files were signed as Trojan.BHO.OHU after analyzing the sent logs: c:windowssystem32setqp.dll c:windowssystem32oetqp.dll Please run a BitDefender deep scan and post here the results Note: make sure your BitDefender is up to date before running the scan. I am not able to update BD Last update 7-19-10 4:12:54 I get an error message BD Support instructed me to create a rescue cd System will not boot from the cd I tried changing the bios to first boot from cd but it would not boot Start in Safe mode will not work Start in recovery will not work I'll run a deep scan and post the results Thanks, Marianne |
|
|
|
|
Jul 27 2010, 12:52 PM
Post
#5
|
|
|
Newbie Group: Members Posts: 5 Joined: 23-July 10 Member No.: 35,475 |
BitDefender Log File
Product: BitDefender Total Security 2010 Version: BitDefender Antivirus Scanner Scanning task: System Scan Log date: 7/27/2010 3:00:02 AM Log path: C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\full_scan\1280214002_1_01.xml Scan paths: Path 0000: C:\ Path 0001: K:\ Scan Level: Scan for viruses: Yes Scan for adware: Yes Scan for spyware: Yes Scan for applications: Yes Scan for dialers: Yes Scan for rootkits: No Scan for keyloggers: Yes Virus Scanning Options: Scan registry keys: Yes Scan cookies: Yes Scan boot sectors: Yes Scan memory processes: Yes Scan archives: No Scan runtime packers: Yes Scan e-mails: Yes Scan all files: Yes Heuristic Scan: Yes Scanned extensions: not configured Excluded extensions: not configured Target Processing: Default first action for infected objects: Disinfect Default second action for infected objects: None Default first action for suspect objects : None Default second action for suspicious objects: None Default action for hidden objects: None Default first action for encrypted infected objects: Disinfect Default second action for encrypted infected objects: None Default first action for encrypted suspicious objects: None Default second action for encrypted suspicious objects: None Default action for password-protected objects: Log only Scan Engines Summary Virus signatures: 6560304 Archive plugins: 44 E-mail plugins: 6 Scan plugins: 14 System plugins: 5 Unpack plugins: 10 Basic Scanned items: 459768 Infected items: 11 Suspect items: 0 (no suspected items have been detected) Hidden items: 0 (the scan options do not include scanning for rootkits) Resolved items: 11 Unresolved items: 0 (no issues remained unresolved) Advanced Scan time: 02:26:53 Files per second: 52 Skipped items: 304129 Password-protected items: 2 Over-compressed items: 0 Individual viruses found: 1 Scanned folders: 46128 Scanned boot sectors: 4 Scanned archives: 3006 Input-output errors: 28 Scanned processes: 70 Infected processes: 0 Scanned registry keys: 1822 Infected registry keys: 0 Scanned cookies: 246 Infected cookies: 0 Resolved issues:Object Path Threat Name Final Status C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP2421\A0338742.dll Gen:Trojan.Heur.P.cm4@carBkrf Moved to Quarantine C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP2422\A0338754.dll Gen:Trojan.Heur.P.cm4@carBkrf Moved to Quarantine C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP2422\A0338755.dll Gen:Trojan.Heur.P.cm4@carBkrf Moved to Quarantine C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP2422\A0339754.dll Gen:Trojan.Heur.P.cm4@carBkrf Moved to Quarantine C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP2422\A0339755.dll Gen:Trojan.Heur.P.cm4@carBkrf Moved to Quarantine C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP2423\A0339767.dll Gen:Trojan.Heur.P.cm4@carBkrf Moved to Quarantine C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP2423\A0339768.dll Gen:Trojan.Heur.P.cm4@carBkrf Moved to Quarantine C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP2423\A0340767.dll Gen:Trojan.Heur.P.cm4@carBkrf Moved to Quarantine C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP2423\A0341772.dll Gen:Trojan.Heur.P.cm4@carBkrf Moved to Quarantine C:\WINDOWS\system32\ernel32.dll Gen:Trojan.Heur.P.cm4@carBkrf Moved to Quarantine after reboot C:\WINDOWS\system32\spool\prtprocs\w32x86\M1g9i17q.dll Gen:Trojan.Heur.P.cm4@carBkrf Moved to Quarantine after reboot Not scanned objects:Object Path Reason: Final Status C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP2419\A0338279.apm=>ams_xml_pl.xml Password-protected Not scanned (file was password-protected) C:\System Volume Information\_restore{F20DC6C2-5212-4F33-8959-AB7D05D4CDB6}\RP2419\A0338279.apm=>ams_xml_temp.xml Password-protected Not scanned (file was password-protected) |
|
|
|
|
Jul 28 2010, 04:02 AM
Post
#6
|
|
|
Newbie Group: Members Posts: 5 Joined: 23-July 10 Member No.: 35,475 |
I was able to update BF with Cristi's recommendations.
The deep scan was sent in to the customer support email I restarted the computer after the scan I was not able to update BD again after that The computer locked up on restart it would not load Windows XP I just run into dead ends when I tried to reboot The system did attempt to reboot from the cd rom The BD recover cd gave an error message I have a set of 6 recovery cds for the computer, the 1st cd would not reboot I tried a windows xp cd (2003)from my laptop as a repair and did not get very far. I'm going to take the PC to a local shop and see if they can get windows to reboot and go from there |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
|
Lo-Fi Version | Time is now: 21st May 2013 - 09:38 AM |