Hello,
I'm running BD 2010 and have been infected with Smart Fortress 2012. Can anyone provide instructions on how to recover from this?
Thanks,
James
Hi James
Welcome to the forums!
In order to be able to further investigate the reported situation we need a bit more information from your computer as follows:
. A BDSYS log;
[how to GENERATE A BDSYS LOG]
. Save and extract the BDSYS tool to a location of your choice:
http://www.bitdefender.com/files/Knowledge.../BDSysLog_i.exe
. Make sure you close all active applications and then run "BDSysLog_i.exe"; if you receive a firewall alert, select to Allow the application to connect;
. Click the "Create log" button to start generating the log; a progress bar indicates that the tool is creating the report;
. When the small window appears with the message "Log saved" then the report is complete and a new file named "bdsyslog.zip" has appeared on your Desktop;
. Send me via PM the generated log file.
. If the file is too big to send over PM, upload the results to one of the online file hosting servers mentioned below or use one of your own and send the download link via PM.
http://www.sendspace.com
http://www.mediafire.com
IMPORTANT:
. During this process the Real Time Protection in Bitdefender must be temporarily disabled;
. If you receive a Bitdefender Firewall alert to inform you that BDSysLog_i.exe tries to connect to the internet, then you need to select Allow;
[how to DISABLE THE REAL-TIME PROTECTION on Bitdefender 2010]
In order to disable the real-time protection please open Bitdefender, click the "Settings" button in the upper right side of the interface, switch UI to "Advanced Mode", click "OK"; go to "Antivirus" > "Shield" and click on "Real-time protection is enabled", select the time interval that suits your troubleshooting needs and click "OK" (the message will change to "Real-time protection is disabled"). The real-time protection should be enabled after performing the troubleshooting procedure.
[how to DISABLE THE REAL-TIME PROTECTION on Bitdefender 2011]
In order to disable the real-time protection please open Bitdefender, click the "Options" button in the upper right side of the interface, switch UI to "Expert View"; go to "Antivirus" > "Shield" and click on "Real-time protection is enabled", select the time interval that suits your troubleshooting needs and click "OK" (the message will change to "Real-time protection is disabled"). The real-time protection should be enabled after performing the troubleshooting procedure.
[how to DISABLE THE ANTIVIRUS PROTECTION in Bitdefender 2012]
In order to disable the antivirus protection, please open Bitdefender and click the "Settings" button in the upper side part of the interface; in the new window go to "Antivirus" > "Shield" tab and click on "Turn off" under On-access scanning. Select the time interval that suits your troubleshooting needs and click "OK". The On-access scanning should be enabled back after finishing the troubleshooting procedure.
[How to create a screen shot]
On Windows, press the Print Screen or Prnt Scrn key on your keyboard, found at the upper right of the keyboard. This key will capture the entire screen. Open up your paint program: click on "Start -> All Programs -> Accessories -> Paint". In the paint program, select File/New, then Edit/Paste. Then save the file and attach it in your PM message.
If the file is too big to send over PM, upload the results to one of the online file hosting servers mentioned below or use one of your own and send the download link via PM.
We will get back to you as soon as the analysis is complete. Have a nice day.
Hi Christian,
Thanks for the quick reply. While waiting for your reply I downloaded the Recovery CD and used it to disinfect my laptop. I think the malware has been removed and I don't need any further assistance.
Hi James
Thank you for your feedback!
Have a great weekend.
I'm infected with the same Smart Fortress 2012 malware. I have managed to get everything going again and an antivirus scan shows no infections. However I still don't have internet access (I'm using my wife's Mac to send this).
I have an HP PC running Windows Premium 64-bit OS.
What do you suggest?
Thanks for your help.
Hello
Welcome to the forums.
Have you tried to repair the internet connection? Right click on the system tray icon, near the clock, and choose Troubleshoot or Repair.
Take care.
Right now I'm running the on-demand virus scanner in "safe mode" and it has found eleven infected files so far. When I ran the scanner in normal mode it found no files. When it finishes I'll try to have them removed.
I did try to repair the internet connection yesterday but it couldn't do anything about the problem. I did notice that there was a new peer connection but the indication went away almost immediately.
When the scanner has finished I'll let you know the results.
Jaybo
I still can't connect. When the OS did the connection analysis (after I rebooted and reset the router) it said that the connection was good but the problem was with microsoft.com. The router is working fine; I'm using wi-fi to communicate on this laptop.
When I was in BD safe mode Firefox was able to connect, so I think there is still false information or damage from the Fortress 2012.
Any ideas?
Hello
Welcome back!
Have you tried to repair the current connection from Control Panel?
Take care.
Hi again. I've been away for a few days but I'm back -- until tomorrow, returning Wednesday.
I have tried to repair the connection from the Control Panel, but without success. I have received two messages at startup...
appdata/local/temp/ieUnunas.dll is missing
appdata/local/temp/ieUnunas64.dll is missing
I don't trust these messages!
I think I said previously that the router and wi-fi are working perfectly, as is the PC running Windows Home Premium 64-bit OS. All that appears to be screwed up is I/O.
When I did a scan in Protect Mode there were no viruses but there were 532 I/O errors! I could connect via Firefox in Protect Mode. BD reports a potentially malicious process detected.
I would really appreciate your help fixing this. A technical support person named George sent a response to my request after a few days and now his mailbox is full. I can send a PM with the details if you want.
Thanks so much for your attention to this. Using my wife's Mac laptop is really "getting old".
Could you please provide me the ticket ID from the system so I can take a look?
Thank you!