Gen:Trojan.Heur.Hype.6054ABABAB
Same problem
[system]=]C:\WINDOWS\system32\services.exe (memory dump) Gen:Trojan.Heur.Hype.6054ABABAB No action was possible
Comments
-
I also have this trojan on my computer: [system]=]C:\WINDOWS\system32\services.exe (memory dump) Gen:Trojan.Heur.Hype.6054ABABAB
Can anybody tell me please, how to get rid of this trojan? I try in safe mode, but there Bitdefender doesn't work???0 -
Hello SquirrelTrace and Werona,
Please download this tool: BitDefender AVIS
Unpack all files from that archive into a new, empty folder.
Then run avis.exe, go to System info and generate a complete system log, using the settings from this screenshot:
After the scan is finished, the log will be placed on your desktop, named bd_sys_log.xml.zip. Please upload that file on a file-sharing server (like rapidshare) and send me a download link through PM. We will analyze the log and give you further information.
Notice: Please do NOT make a system scan for malware with AVIS, unless specifically told so by one of the BitDefender Support Member or BitDefender Virus Analyst. Thank you.
Cris.0 -
Thank you Cris, I do like you said and then I let you know what happened.
0 -
"After the scan is finished... " Which scan? If I push the button Create log, the sign appears: Unable to add log file to arhive. If I push the button with three dots (at the end of the same line with Path to log file) I can save the bd sys log on my desktop but without any scaning. Is this OK?
0 -
No, it is not OK.
By scan, I mean the system scan that takes place when you click Create log. Please post a screenshot of the error.
Also, be sure to run AVIS with administrator rights.
Cris.0 -
No, it is not OK.
By scan, I mean the system scan that takes place when you click Create log. Please post a screenshot of the error.
Also, be sure to run AVIS with administrator rights.
Cris.
простите за мой русский.
Имею туже проблему. Такой же вирус. Что делать? Если можно по русски.0 -
Thank you Cris, I do like you said and then I let you know what happened.простите за мой русский.
Имею туже проблему. Такой же вирус. Что делать? Если можно по русски.
Привет! Я тоже русский. Совершенно не говорю по английски, но всё прекрасно понимаю " /> Помоему проблема с вирусом ещё только решается. Нас просят послать какой-то лог системы. Нужно скачать http://students.info.uaic.ro/~cristian.dra...r/avis/avis.zip , извлеч содержимое в пустую папку, запустить avis.exe, выбрать пункт System info:
Нажать Create log. Появится такой файл C:/bd_sys_log.xml.zip, который и нужно отправить Cris в личные сообщения. Залить файл сначала можно на www.rapidshare.com, например. Ну вот так :-)0 -
Привет! Я тоже русский. Совершенно не говорю по английски, но всё прекрасно понимаю laugh.gif Помоему проблема с вирусом ещё только решается. Нас просят послать какой-то лог системы. Нужно скачать http://students.info.uaic.ro/~cristian.dra...r/avis/avis.zip , извлеч содержимое в пустую папку, запустить avis.exe, выбрать пункт System info:
Reduced 79%
Attached Image
700 x 539 (60.68K)
Нажать Create log. Появится такой файл C:/bd_sys_log.xml.zip, который и нужно отправить Cris в личные сообщения. Залить файл сначала можно на www.rapidshare.com, например. Ну вот так :-)
Где же мы его все подхватили то, та же проблема.0 -
Где же мы его все подхватили то, та же проблема.
Чёрт его знает. Вон, в России, Украине, Молдавии, Белоруссии, Эстонии, Казахстане, Узбекистане на первых местах этот Trojan.Heur.Hype.6054ABABAB " />http://www.malwarecity.com/real-time/virus-map.php0 -
Ну я выслал сис лог, думаю как то решат етот вопрос,а если нет, будет лишний повод сделать формат C х) интерестно что он делает вообще, но появился он у меня тчоно меньше 2 дней назад, сканил тогда всё чисто было.
Sorry for our russian0 -
If anyone uses Russian again on this topic, all posts will be deleted. Also, the posts in Russian will not be answered, because of the simple fact that nobody around this forum knows Russian. If you want to get help, please be so kind and use a translator (Google Translate does an acceptable good job for it).
Thank you.
Cris.0 -
Hello SquirrelTrace and Werona,
Please download this tool: BitDefender AVIS
Unpack all files from that archive into a new, empty folder.
Then run avis.exe, go to System info and generate a complete system log, using the settings from this screenshot:
After the scan is finished, the log will be placed on your desktop, named bd_sys_log.xml.zip. Please upload that file on a file-sharing server (like rapidshare) and send me a download link through PM. We will analyze the log and give you further information.
Notice: Please do NOT make a system scan for malware with AVIS, unless specifically told so by one of the BitDefender Support Member or BitDefender Virus Analyst. Thank you.
Cris.
Hey Cris,
Have the same problem. I already made the scan do I just send you a link throug the forum?
Thanx,0 -
Hey Cris,
Have the same problem. I already made the scan do I just send you a link throug the forum?
Thanx,
Sorry didn't see the end of your instructions
Got it... I sent it by PM!0 -
If anyone uses Russian again on this topic, all posts will be deleted. Also, the posts in Russian will not be answered, because of the simple fact that nobody around this forum knows Russian. If you want to get help, please be so kind and use a translator (Google Translate does an acceptable good job for it).
Thank you.
Cris.
Okay, Cris. Let govrrit English. Messages do not nail you. There, your instructions in Russian.0 -
Okay, Chris. Let's talk on English. Do not delete the message. There, your instructions in Russian.
0 -
Sorry didn't see the end of your instructions
Got it... I sent it by PM!
Cris,
Any news about this issue?
Did you get what I have sent you?
Thank you,
zero_mj0 -
Cris once again: If I push the button Create log, the sign appears: Unable to add log file to arhive.
What is wrong? Thanx, W0 -
-
Cris once again: If I push the button Create log, the sign appears: Unable to add log file to arhive.
What is wrong? Thanx, W
When you start AVIS, the field Path to logfile will be automatically set to your Desktop. Don't change that field. In the screenshot I've posted that field points to my Desktop, which obviously doesn't exist on your system.
As for the results, I haven't had time to take a look at the logs yet. I'm in the middle of exams period, and I barely have time for anything. Sorry for the delay.
Cris.0 -
When BitDefender will help us with the decision of this problem.
It can your problems with AVIRA?
Other antiviruses do not find this virus...0 -
Cris, I didn't change the Path to logfile field. It is already set on my Desktop, but nothing happened when I pressed button Create log. Only sign Unable to add...
0 -
@ everyone having the Gen:Trojan.Heur.Hype.6054ABABAB detection: please download this tool: students.info.uaic.ro/~cristian.dragusanu/other/avis/dump.zip
Create an empty folder somewhere and unzip the file you downloaded. The run dump.bat from that folder (do NOT run dump.exe directly). BitDefender Behavioral Scanner might react to this tool, if you have enabled this module. Please allow any actions related to this tool.
When the tool finishes it's job, one (or more) sub-folders named services.exe.pid_<number> will be created in the folder where you put the tool (the <number> is a number representing a ProcessID). Please archive that file with the password infected, upload it on a file sharing server and send me the download link (like you did with the avis log).
It might be a good idea to temporarily disable BitDefender all-together while you run this tool, until you finish archiving the results. This will prevent any corruption if BitDefender blocks anything due to the presented detection.
@Werona: please take the same steps I presented above.
@CPS: you have a different problem than what is being discussed in this topic. I will give you an answer a little bit later. (post moved to a different topic)
Cris.0 -
Hello Cris,
What's going on? are we geting help on this trojan? It's been a couple of days now and no reply no support nothing! Please tell us that it is being solved, your people are working hard on it or something. This is just unprofessional! We don't even know what this thing does to a computer... when I was buying this product I was kind of hoping not to get this stuff on my computer. Please tell me If I am or we are getting any help here, if not I will be looking somewhere else. " />
zero_mj0 -
Cris, I send you this download link on your PM. I hope it helps you to do something.
0 -
Hello Cris,
What's going on? are we geting help on this trojan? It's been a couple of days now and no reply no support nothing! Please tell us that it is being solved, your people are working hard on it or something. This is just unprofessional! We don't even know what this thing does to a computer... when I was buying this product I was kind of hoping not to get this stuff on my computer. Please tell me If I am or we are getting any help here, if not I will be looking somewhere else. " />
zero_mj
The detection you all are facing is a heuristic detection. Nobody actually knows what it is about until a sample is analyzed.
But things are a little more complicated because we are dealing here with somekind of code injection into running processes ((memory dump) means that the detection was made only in the memory of a running process, not on a local file), so a simple "Send us the X file for analysis" just doesn't work in this case.
That is why I was given that dump tool, to collect a few things related to this detection. Once the results are analyzed by one of BitDefender Virus Analysts, hopefully you all will get an answer.
So yes, this is being worked on. As soon as I get a reply, you'll know about it.
Cris.
P.S.: Please don't make other topics about this matter. Post anything you have to post in this thread. I can't read all the topics of this forum, so if you start other threads about this, you have a very high chance of not getting a reply at all. This time, I merged the topics. But don't do it again. Thank you.0 -
As a curiosity, since nobody actually mentioned it: did you all try a Deep System Scan with BitDefender? If you did, were there any other alerts of any kind?
If you didn't, please do so and post here a scan log.
The dumps you sent me are still under investigation.
Cris.0 -
Yes, I try a Deep System Scan and it is the same alert and same problem - trojan is still on computer.
0 -
So, I did a Deep System Scan and that is the only issue. It has been the only threat on the computer since I was infected with it. The other file is your memory scan password encrypted archive that you asked for earlier.
0 -
By the way, my computer also randomly restarts for no apparent reason. If I am in the middle of gaming, working, or even if the computer is sitting idle while I'm gone sometimes I return to find that it has restarted. Sometimes in the midst of gaming I get an error related to memory dump and the game closes. Just FYI if it helps at all.
0 -
Hello everybody,
Thank you for reporting this issue and for all the information you have provided us with. An update to fix this situation has been released about an hour ago.
In order to resolve it please update BitDefender, then rescan your system in order to see if you still have the detection.0 -
No dice. I did a Deep System Scan after an update (actually after updating once and scanning, then updating a second time and rescanning) and it is still there with the same interaction--disinfect failed, so I chose delete, which also did not work and was left with a "no action possible."
0 -
Unfortunately, there has been an unexpected delay in deploying the update which contains this fix. The fix will be available by automatic update as soon as possible.
We are deeply sorry for any inconveniences.
@tunnelmonk: I doubt it that your reboot problems are related to the matter discussed in this topic. Sudden system reboots appear most of the times in case of system failure, which end with a BSOD (Blue Screen Of Death error). Please open a new topic and post some details about the reboots and what error code you get when you receive a Blue Screen. If you don't see a BSOD, then you have to disable Automatic Restart on System failure.
Cris.0 -
Cris, no problem. We will wait for update and than let you know if everything is OK.
Werona.0 -
Will this fix also address: Gen:Trojan.Heur.Hype.C0847B7B7B
possible variant of the same trojan?
Thanks.0 -
Hello Adrienne C,
Could you please post a BitDefender scan log about this detection? I cannot check anything only based on a detection name.
Cris.0 -
Hello Adrienne C,
Could you please post a BitDefender scan log about this detection? I cannot check anything only based on a detection name.
Cris.
PM sent with link. Thanks0 -
You're welcome, but it's not what I requested. I asked for a BitDefender scan log, not an AVIS system log. At this point, an AVIS log is of no use to me.
Please attach a BitDefender Deep Scan log. Thank you.
Cris.0 -
Hello everyone,
I believe the fix has just entered automatic update. At the moment I don't have a way to test if detection has been fixed, but the files containing the fix are on the update server.
Please update BitDefender and post here if the problem is fixed or not.
Thank you.
Cris.0 -
Huuuuraaaaaaaaaaa. Yes, Cris the problem is fixed!!! Thank you guys for amazing work. The virus is killed and no longer showing as unsolved problem. Thank you once again. The bitdefender supporting team is just amazing!
0 -
Good time of the day, I just contracted the virus Gen:Trojan.Heur.Hype.6054ABABAB. But after today's upgrade my BitDefender stopped him to find in file
[system]=]C:\WINDOWS\system32\services.exe (memory dump)
____________________
sorry for my english, i translate via Google0 -
Good time of the day, I just contracted the virus Gen:Trojan.Heur.Hype.6054ABABAB. But after today's upgrade my BitDefender stopped him to find in file
____________________
sorry for my english, i translate via Google
Same problem0 -
Hello everyone,
I believe the fix has just entered automatic update. At the moment I don't have a way to test if detection has been fixed, but the files containing the fix are on the update server.
Please update BitDefender and post here if the problem is fixed or not.
Thank you.
Cris.
Hello,
I had the very same problem with this Trojan.heur.hype.6054ababab. And, indeed, after the last update Bit Defender haven’t found it.
But, does this mean than the problem is solved? The last scan showed no threats, but the actual detection of Trojan and its inactivation has not been mentioned.
Can anyone please explain me how it is possible?
Thank you,
Sabina.0 -
Cris,
After automatic update,
I try a Deep System Scan and it is the same alert and same problem - trojan is still on computer.0 -
Andrey_38,
Please attach a BitDefender Full System scan.
Cris.0 -
Cris,
I have a new trouble - Scan does not work !
scheduled task does not work
If I start scan manually, I have a message "Scan failed to execute"
What does it mean?
additional information:
After update:
Antivirus Signature Properties is:
Virus Signatures 3346964
Engine Version 7.25878
thank you0 -
Hello Andrey_38,
For this issue please use the patches listed in this KB article:
http://www.bitdefender.com/site/KnowledgeBase/consumer/#547
Thank you!0 -
it works ok!
Thank you!0 -
Andrey_38,
Now that you've fixed the scanning problem, do you still have that detection issue? If yes, please make a BitDefender scan and attach here the log.
Cris.0