Rootkit

Hi,


All my Bitdefender 10 Security Pkg works fine now, except my rootkit scan. When the scheduled scan time came due, it showed "engine disabled" - I tried to do a manual, but the same results. Is there a quick remedy to get that going?


Thank you for your help.

Comments

  • Hello Brandi,


    I got the same trouble; it is a key in the registry.


    http://forum.bitdefender.com/index.php?showtopic=160


    It is only in German.


    When you have trouble with the engine starting, try this.


    greets


    loony

  • Seems the old new account won't let me post..........


    I would like information on how to enable my rootkit scanner, I thank you for your reply Loony, but I need English.....appreciate your help.

  • Hi Brandi,


    Welcome to the Official BitDefender Forum. :)


    About the problem... after looking at the topic that loony posted, I found out this:


    OK, did you maybe have the Standalone Rootkit scanner of BitDefender?


    And I want to ask you something else namely to do the following:


    Go into the registry and look for PROFOS and TRUFOS in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services; if they are there, please delete them.


    These are from the Standalone Rootkit scanner, and it may be that this is the problem.


    After you have deleted them, please try to carry out the scan again.


    MfG,


    Rudi Gabriel Bedy


    I do not know German, so I used an online German-English Translator.


    The above solution appears to have solved the problem for loony.


    I also have those keys in the Registry, but I don't have any problems (the Rootkit Scanner works fine), but you can try the suggestion.


    About your account problem... try to send a PM to one of the Moderators (Rudy Bedy, Florin Stiuca) and see if they can help you.


    Normally, your posting abilities are blocked for a few minutes after posting something. It's a precaution against SPAMMING. But you should be able to post if you wait a few minutes.


    Cris.

  • khufu
    edited May 2007

    Go to Device Manager, select View and check Show hidden devices. Now look for Non plug and play drivers, locate the profos driver and see if it works properly.


    If it has an issue, you can uninstall it and try to do a BD repair.


    @Cris : It's normal to have those registry keys, coz they are related to the rootkit scanner.


    After you uninstall the driver you have to delete the registry keys that Cris mentioned in his post, if they are present.


    Sorry for double post.

  • Thank you all for your responses to my question....


    I deleted those two keys before I had a chance to do what you suggested about searching the device manager....I did go there and the Profos Driver is not there.


    In regard to "stand alone".....I purchased BD Security V10 package in February. I am on dialup and it was probably a contributing factor to the original complete download possibly being messed up. I believe I had to re-connect at the time, and did not delete all the files that first came in...anyway, at that time, and God forgive me...I didn't recall rootkit being there....however, as I progressed in un-installing, re-installing, removing all the old, etc...(slow learner..) I just ASSUMED Rootkit was part of the original package that maybe just didn't get installed with the original setup....I looked at the product description on the site, and it showed "new" rootkit feature....which makes me think it was NOT included with the original purchase? I don't know....when you say stand alone, is that assuming I purchased each "feature" of BD at separate times? I am sorry if I am sounding confused....I take care of Alzheimer's patients and I think it's contagious...


    Anyway....if in my original package Sec. V10...it did NOT come with Rootkit, then I would like to add it...if I have to purchase "stand alone?" please advise. See, I still have great faith in the product.... :P


    Let me know what I need to do to get the rootkit thingy going. If I have to completely uninstall, and re-install, that's ok. I hope you forgive me for my confusion, as some of it was due to the "patches" and "upgrades" that were established by the Co. shortly after my purchasing...I was hardly used to the program itself, let alone getting the fixes. Please advise as to what I need to do now to get this last puzzle piece to fit.


    Sincerely and apologetically,


    B.

  • Hi Brandi,


    Here is the link for BD IS 10 with rootkit inside.


    I advise you to uninstall BD and delete all of its files and folders.


    Also delete the registry keys that Rudy Bedy posted, clear Temp files, clear your registry, restart your system and install BD again.


    I hope this time your Rootkit scan will work.


    khufu

  • Thanks, Khufu..


    I am prepared to do all...I have a question though, pertaining to registry. That is like a land mine field to me...


    Will CCleaner take care of the registry keys after I uninstall BD? If not, please advise. I know how to do a search, delete all BD, Softwin, etc....but not sure bout' that registry part. Once I hear back, I will attempt to do the fix.


    Thanks.


    B.

  • vladx
    edited June 2007

    Hello Brandi


    Download the uninstall tool from here, run it and delete the Softwin folder after that. ;)

  • NAMOR
    edited June 2007

    I was having the same problem, so here is what I did (the manual delete of reg entries may not be necessary)...


    1. Downloaded the uninstall tool that vladx posted.


    2. Went to add/remove and uninstalled Bitdefender.


    3. Booted into safe mode (hold F8 while booting). Some of the other uninstall tools that I have received from other AV vendors need you to boot into safe mode before using them. Since it wasn't mentioned here I thought it couldn't hurt.


    4. Deleted the Softwin folder in C:\Program Files\Common Files. (Didn't see any other folders in C:\Program Files\ or C:\Documents and Settings\All Users\Application Data or C:\Documents and Settings\xxxxxx\Application Data.)


    5. Ran the uninstall tool.


    ---step 6 may not be necessary---


    6. went to start > run > and typed regedit > navigated to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services > deleted the entries for PROFOS and TRUFOS.


    7. rebooted


    8. reinstalled Bitdefender.


    Now the rootkit scanner works fine, like I said manual removal of the reg entries may not be necessary. I just didn't want to go through the removal process twice.


    On a side note, this removal process reset my trial period... I'm not sure if it has to do with the removal tool. Before the uninstall (listed in step 2) my trial period had 19 days left (trialled it earlier), now I have 30 days again. Just thought I should bring it up to support's attention.

  • khufu
    edited June 2007

    Hi Brandi,


    If you know how to manually delete the registry keys, it is more secure to delete them this way, because you are sure that all BD registry keys will be deleted.


    If you use the Uninstall tool you have to delete all BD folders left in (search for them in programs files\softwin; programs files\common files; Documents and Settings\All Users\Application Data).


    EDIT: Uninstall tool does not delete the registry keys from HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services


    Post back with your result.


    khufu
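
The manual registry step discussed in this thread, as an added PowerShell example that is not part of any post here and not BitDefender's own tooling: it reports whether the PROFOS and TRUFOS service keys are still present, exports each to a .reg backup, and deletes only when asked. The `-BackupDir` and `-Delete` parameters and the backup location are assumptions of this example; run it from an elevated prompt after the product has been uninstalled.

```powershell
# Added example: inspect, back up, then optionally remove the leftover service keys.
param(
    [string]$BackupDir = "$env:USERPROFILE\bd-service-key-backup",  # assumed location
    [switch]$Delete                                                   # report only unless set
)

$servicesRoot = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$leftovers    = 'PROFOS', 'TRUFOS'   # key names given in the thread
$stamp        = Get-Date -Format 'yyyyMMdd-HHmmss'

New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null

foreach ($name in $leftovers) {
    $psPath = Join-Path $servicesRoot $name
    if (-not (Test-Path $psPath)) {
        Write-Host "$name : not present"
        continue
    }

    # Show what the key points at before touching it.
    $props = Get-ItemProperty -Path $psPath
    Write-Host ("{0} : present, Start={1}, ImagePath={2}" -f $name, $props.Start, $props.ImagePath)

    # Export a .reg backup so the key can be restored by importing the file.
    # A timestamped file name avoids the overwrite prompt from reg.exe.
    $regPath = "HKLM\SYSTEM\CurrentControlSet\Services\$name"
    $backup  = Join-Path $BackupDir "$name-$stamp.reg"
    & reg.exe export $regPath $backup | Out-Null
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "$name : backup failed, key left untouched"
        continue
    }

    if ($Delete) {
        # Removes the key and all of its subkeys.
        Remove-Item -Path $psPath -Recurse -Force
        Write-Host "$name : deleted (backup at $backup)"
    } else {
        Write-Host "$name : backup written to $backup; rerun with -Delete to remove"
    }
}
```

Reboot after deleting, as in the steps above, before reinstalling.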

  • Everyone,


    Thank you so much for all the great advice. I have to do some yardwork til later this afternoon. Then, I will attempt to perform the fix. Again, appreciate all the tips and help. I have a few more questions, but will reserve those for down the road....;)


    Sincerely,


    B.

  • Hi Brandi


    You can also give microsoft uninstaller cleanup a try:


    http://download.microsoft.com/download/e/9...1bd/msicuu2.exe


    Install it and look for any remnants that have BitDefender or Softwin in the name. If they are there, select them and press Remove. If you do that along with the other suggestions, then you may be 100% sure that BD is uninstalled. Reboot afterwards.


    Regards


    Niels