Strange findings on PC /At Bitdefender online

[CJofVP]

Lastnight, I was finishing up doing some damage cleanup and repairs on my
PC. Since copying windows to this new drive, this thing has been running
like a bucket of (pick your expletive.)! Because of recent re-activation
problems with the folks in Redmond (product key issue)... I'm leary to do
inplace repairs or a clean install.

However, It seems C:\Recycler folders in Admin and owner are reporting
themselves corrupted in safe mode.
In normal opperation, all the trashcans are fine. I decided to go to
bitdefender online and scan, because I had the feeling due to performance
issues, this was the work of some sort of viral activity, that AVG hasn't
been picking up.

Having been there before, I figured the viral defs would update to current
and then I'd press scan. No update happened... So I press scan and IE
freezes up.

Killed IE with task manager, and then went into manage addons - through
Internet settings, and found the Bdoscan8 Active X control was damaged. So I
deleted it and went back to bitdefender to get a new control and hopefully
rescan.

That seemed to do the trick at first. It updated and I pressed scan.
Bitdefender was doing fine until it hit C:\Documents and Settings\(my
name)\local settings\application data\ on my account. Bitdefender got
locked into a terminal scan loop inside of an orphaned \MBSA folder that
apparently didn't get uninstalled. I took that folder out... along with the
History folder, killed everything, rebooted.. went back to bitdefender. It
found 2 viruses, deleted 4 and reported not being able to remove 1. I
thought wow... because it was in my hotmail that I've set up on Outlook
Express. I seldom use hotmail anymore these days.

But - it locked up again, at the end of the test and I didn't get my
report... I went back into Outlook Express and emptied the bulk folder where
Bitdefender said I'd find Trojan.Agent.SS ... and rescanned again.

???? I'm at my wits end here with whats going on.

 

[David H. Lipman]

From: "CJofVP" <[email protected]>

| Lastnight, I was finishing up doing some damage cleanup and repairs on my
| PC. Since copying windows to this new drive, this thing has been running
| like a bucket of (pick your expletive.)! Because of recent re-activation
| problems with the folks in Redmond (product key issue)... I'm leary to do
| inplace repairs or a clean install.
|
| However, It seems C:\Recycler folders in Admin and owner are reporting
| themselves corrupted in safe mode.
| In normal opperation, all the trashcans are fine. I decided to go to
| bitdefender online and scan, because I had the feeling due to performance
| issues, this was the work of some sort of viral activity, that AVG hasn't
| been picking up.
|
| Having been there before, I figured the viral defs would update to current
| and then I'd press scan. No update happened... So I press scan and IE
| freezes up.
|
| Killed IE with task manager, and then went into manage addons - through
| Internet settings, and found the Bdoscan8 Active X control was damaged. So I
| deleted it and went back to bitdefender to get a new control and hopefully
| rescan.
|
| That seemed to do the trick at first. It updated and I pressed scan.
| Bitdefender was doing fine until it hit C:\Documents and Settings\(my
| name)\local settings\application data\ on my account. Bitdefender got
| locked into a terminal scan loop inside of an orphaned \MBSA folder that
| apparently didn't get uninstalled. I took that folder out... along with the
| History folder, killed everything, rebooted.. went back to bitdefender. It
| found 2 viruses, deleted 4 and reported not being able to remove 1. I
| thought wow... because it was in my hotmail that I've set up on Outlook
| Express. I seldom use hotmail anymore these days.
|
| But - it locked up again, at the end of the test and I didn't get my
| report... I went back into Outlook Express and emptied the bulk folder where
| Bitdefender said I'd find Trojan.Agent.SS ... and rescanned again.
|
| ???? I'm at my wits end here with whats going on.
|


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *

 

[What's in a Name?]

CJofVP AKA (e-mail address removed) in alt.comp.anti-virus on 6/6/2006 after
much thought,came up with this jewel:

Lastnight, I was finishing up doing some damage cleanup and repairs
on my PC. Since copying windows to this new drive, this thing has
been running like a bucket of (pick your expletive.)! Because of
recent re-activation problems with the folks in Redmond (product key
issue)... I'm leary to do inplace repairs or a clean install.

However, It seems C:\Recycler folders in Admin and owner are
reporting themselves corrupted in safe mode. In normal opperation,
all the trashcans are fine. I decided to go to bitdefender online and
scan, because I had the feeling due to performance issues, this was
the work of some sort of viral activity, that AVG hasn't been picking
up.

Having been there before, I figured the viral defs would update to
current and then I'd press scan. No update happened... So I press
scan and IE freezes up.

Killed IE with task manager, and then went into manage addons -
through Internet settings, and found the Bdoscan8 Active X control
was damaged. So I deleted it and went back to bitdefender to get a
new control and hopefully rescan.

That seemed to do the trick at first. It updated and I pressed scan.
Bitdefender was doing fine until it hit C:\Documents and Settings\(my
name)\local settings\application data\ on my account. Bitdefender
got locked into a terminal scan loop inside of an orphaned \MBSA
folder that apparently didn't get uninstalled. I took that folder
out... along with the History folder, killed everything, rebooted..
went back to bitdefender. It found 2 viruses, deleted 4 and reported
not being able to remove 1. I thought wow... because it was in my
hotmail that I've set up on Outlook Express. I seldom use hotmail
anymore these days.

But - it locked up again, at the end of the test and I didn't get my
report... I went back into Outlook Express and emptied the bulk
folder where Bitdefender said I'd find Trojan.Agent.SS ... and
rescanned again.

???? I'm at my wits end here with whats going on.

******************Reply Separator*****************
Have you tried system restore?
I have some cleaning tools listed on my site.
You may have to bite the bullet on this one.
Burn a copy of all important files.
Once you get it cleaned up-stop using Internet Explorer and Outlook
Express. Try Thunderbird(there are extensions that will allow you to
receive hotmail and yahoo mail) for your mail and Firefox or Opera for
a browser.

max
--
Virus Removal Instructions http://home.neo.rr.com/manna4u/
Playing Nice on Usenet: http://oakroadsystems.com/genl/unice.htm#xpost
Change nomail.afraid.org to gmail.com to reply by e-mail.
nomail.afraid.org is setup specifically for use in USENET
Feel free to use it yourself.Registered Linux User #393236

 

[C J.]

CJofVP AKA (e-mail address removed) in alt.comp.anti-virus on 6/6/2006 after
much thought,came up with this jewel:

******************Reply Separator*****************
Have you tried system restore?
I have some cleaning tools listed on my site.
You may have to bite the bullet on this one.
Burn a copy of all important files.
Once you get it cleaned up-stop using Internet Explorer and Outlook
Express. Try Thunderbird(there are extensions that will allow you to
receive hotmail and yahoo mail) for your mail and Firefox or Opera for
a browser.

max
--
Virus Removal Instructions http://home.neo.rr.com/manna4u/
Playing Nice on Usenet: http://oakroadsystems.com/genl/unice.htm#xpost
Change nomail.afraid.org to gmail.com to reply by e-mail.
nomail.afraid.org is setup specifically for use in USENET
Feel free to use it yourself.Registered Linux User #393236

No.. unfortunately for me, the restore points were all corrupted. So I
dumped those, and made a new one before I went to the microsucks..er
softs.. online scanner today to test IEs Active X controls again. I was
impressed , even their registry scanner must of straightened a few things
out, for it found about 200 obscure \interface...\typlib entries and
removed them. At least some file associations are back to normal (whatever
normal is for a corrupted system,) from what I can tell. That maxblast 4
drive copy software is (expletive)! I hope Seagate plans to scrap that
software once their acquisiton of Maxtor is complete.

As for me - I'm about ready to get a full retail version of XP pro, and do a
clean install.