Here's my logfile:

BitDefender Log File

Product : BitDefender Internet Security 2009
Version : BitDefender UIScanner v.12
Scanning task : Deep System Scan
Log date : 23:59:08 07/12/2008
Log path : C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1228715948_1_02.xml

Scan Paths:Path 0000: C:\

Scan Options:Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : Yes

Target Selection Options:Scan registry keys : Yes
Scan cookies : Yes
Scan boot sectors : Yes
Scan memory processes : Yes
Scan archives : Yes
Scan runtime packers : Yes
Scan emails : No
Scan all files : Yes
Heuristic Scan : Yes
Scanned extensions :
Excluded extensions :

Target Processing:Default action for infected objects : Disinfect
Default action for suspicious objects : None
Default action for hidden objects : None

Scan engines summaryNumber of virus signatures : 2335710
Archive plugins : 44
Email plugins : 6
Scan plugins : 13
System plugins : 5
Unpack plugins : 7

Overall scan summaryScanned items : 54530
Infected items : 6
Suspicious items : 0
Resolved items : 2
Unresolved items : 4
Password-protected items : 0
Individual viruses found : 6
Scanned directories : 3757
Scanned boot sectors : 7
Scanned archives : 231
Input-output errors : 32
Scan time : 00:31:44
Files per second : 27

Scanned processes summaryScanned : 36
Infected : 0

Scanned registry keys summaryScanned : 734
Infected : 0

Scanned cookies summaryScanned : 734
Infected : 0

Remaining issues:Object Name Threat Name Final Status
C:\Documents and Settings\Owner\My Documents\setupxv.exe=](7z o)=]AdwareAlert\TCL.dll Adware.SpyClean.Z Infected (no action was possible, file was in an archive)
C:\Documents and Settings\Owner\My Documents\setupxv.exe=](7z o)=]AdwareAlert\zlib.dll Application.Generic.14887 Infected (no action was possible, file was in an archive)
C:\Documents and Settings\Owner\My Documents\setupxv.exe=](7z o)=]MSIStart.exe Spyware.1116 Infected (no action was possible, file was in an archive)
C:\Documents and Settings\Owner\My Documents\setupxv.exe=](7z o)=]AdwareAlert\AdwareAlert.srv.exe Trojan.FakeAV.CU Infected (no action was possible, file was in an archive)


Resolved issues:Object Name Threat Name Final Status
[System]=]C:\Documents and Settings\Norbert\Cookies\norbert@www.buy[2].txt Cookie.Buy Deleted
[System]=]C:\Documents and Settings\Norbert\Cookies\norbert@content.liveuniverse[2].txt Cookie.euniverse Deleted

Hello,

To remove the infection, you have to manually delete the file:


Cris.

Okay, I searched again a few days ago and found a file, and manually removed it. All scans came back clean.

Then today I find these 6 little buggers- again with the same AdWare name.
When I searched for these files, the response was something like "You do not have permission to view these files".

Here's the lastest BitDefender LogFile:


BitDefender Log File

Product : BitDefender Internet Security 2009
Version : BitDefender UIScanner v.12
Scanning task : Deep System Scan
Log date : 08:00:58 15/12/2008
Log path : C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1229349658_1_02.xml

Scan Paths:Path 0000: C:\

Scan Options:Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : Yes

Target Selection Options:Scan registry keys : Yes
Scan cookies : Yes
Scan boot sectors : Yes
Scan memory processes : Yes
Scan archives : Yes
Scan runtime packers : Yes
Scan emails : Yes
Scan all files : Yes
Heuristic Scan : Yes
Scanned extensions :
Excluded extensions :

Target Processing:Default action for infected objects : Disinfect
Default action for suspicious objects : None
Default action for hidden objects : None

Scan engines summaryNumber of virus signatures : 2352088
Archive plugins : 45
Email plugins : 6
Scan plugins : 13
System plugins : 5
Unpack plugins : 7

Overall scan summaryScanned items : 52805
Infected items : 6
Suspicious items : 0
Resolved items : 0
Unresolved items : 6
Password-protected items : 0
Individual viruses found : 3
Scanned directories : 4305
Scanned boot sectors : 3
Scanned archives : 413
Input-output errors : 31
Scan time : 00:41:36
Files per second : 20

Scanned processes summaryScanned : 33
Infected : 0

Scanned registry keys summaryScanned : 831
Infected : 0

Scanned cookies summaryScanned : 831
Infected : 0

Remaining issues:Object Name Threat Name Final Status
C:\System Volume Information\_restore{A0B8019C-238B-49C0-9617-5CEFA9BE858B}\RP22\A0009343.exe=](7z o)=]AdwareAlert\TCL.dll Adware.SpyClean.Z Infected (no action was possible, file was in an archive)
C:\System Volume Information\_restore{A0B8019C-238B-49C0-9617-5CEFA9BE858B}\RP22\A0009344.exe=](7z o)=]AdwareAlert\TCL.dll Adware.SpyClean.Z Infected (no action was possible, file was in an archive)
C:\System Volume Information\_restore{A0B8019C-238B-49C0-9617-5CEFA9BE858B}\RP22\A0009343.exe=](7z o)=]MSIStart.exe Spyware.1116 Infected (no action was possible, file was in an archive)
C:\System Volume Information\_restore{A0B8019C-238B-49C0-9617-5CEFA9BE858B}\RP22\A0009344.exe=](7z o)=]MSIStart.exe Spyware.1116 Infected (no action was possible, file was in an archive)
C:\System Volume Information\_restore{A0B8019C-238B-49C0-9617-5CEFA9BE858B}\RP22\A0009343.exe=](7z o)=]AdwareAlert\AdwareAlert.srv.exe Trojan.FakeAV.CU Infected (no action was possible, file was in an archive)
C:\System Volume Information\_restore{A0B8019C-238B-49C0-9617-5CEFA9BE858B}\RP22\A0009344.exe=](7z o)=]AdwareAlert\AdwareAlert.srv.exe Trojan.FakeAV.CU Infected (no action was possible, file was in an archive)

Hello,

Read this guide: I Have A Virus In "system Volume Information"

Cris.