Trojan.fakeav.ki

sipncruz

Ok I have a trojan that bit defender cant get rid of. I have ran a scan a few times also started in safe mode. It runs IE and the only way i see it is to go into task manager/processes.

BitDefender Log File

Product : BitDefender Total Security 2009

Version : BitDefender UIScanner v.12

Scanning task : Deep System Scan

Log date : 5/14/2009 10:29:49 AM

Log path : C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1242322189_3_02.xml

Scan Paths:Path 0000: C:\

Path 0001: \

Path 0002: E:\

Scan Options:Scan for viruses : Yes

Scan for adware : Yes

Scan for spyware : Yes

Scan for applications : Yes

Scan for dialers : Yes

Scan for rootkits : Yes

Target Selection Options:Scan registry keys : Yes

Scan cookies : Yes

Scan boot sectors : Yes

Scan memory processes : Yes

Scan archives : Yes

Scan runtime packers : Yes

Scan emails : No

Scan all files : Yes

Heuristic Scan : Yes

Scanned extensions :

Excluded extensions :

Target Processing:Default action for infected objects : Disinfect

Default action for suspicious objects : None

Default action for hidden objects : None

Default action for encrypted infected objects : None

Default action for encrypted suspicious objects : None

Default action for password-protected objects : Log as not scanned

Scan engines summaryNumber of virus signatures : 2970515

Archive plugins : 45

Email plugins : 6

Scan plugins : 13

System plugins : 5

Unpack plugins : 7

Overall scan summaryScanned items : 219207

Infected items : 14

Suspicious items : 0

Resolved items : 0

Unresolved items : 272

Password-protected items : 258

Overcompressed items : 0

Individual viruses found : 14

Scanned directories : 9758

Scanned boot sectors : 0

Scanned archives : 4128

Input-output errors : 0

Scan time : 00:43:36

Files per second : 83

Scanned processes summaryScanned : 60

Infected : 0

Scanned registry keys summaryScanned : 1331

Infected : 0

Scanned cookies summaryScanned : 253

Infected : 0

Remaining issues:Object Name Threat Name Final Status

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed

charliethered

hey there

this thread should help you out quite a bit...

I had this problem last night. It's a pretty easy fix.

http://forum.bitdefender.com/index.php?sho...amp;#entry57876

What I did was I downloaded combofix.exe, changed its name (the virus will prevent you from running it unless you change it to something), run it, and it will find the rootkits and get rid of them in a heartbeat.