You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/
Thank you for your understanding.
Trojan.fakealert.ze
I am sure the answer to this question is already on this forum somewhere. Bitdefender is detecting 2 viruses but cannot disinfect the files(See below). In addition, I have somehow acquired a program AntivirXP08 (is this part of the Trojan virus) that is scanning my system, showing that I have 761 viruses. I have been unable to delete this program from "Add/remove programs". How do I remove these viruses? I have also attached a copy of the system scan
System>=>C:\WINDOWS\system32\pphcl1qj0ee81.exe (disk) Infected: Trojan.FakeAlert.ZE
<System>=>C:\WINDOWS\system32\pphcl1qj0ee81.exe (disk) Disinfection failed
<System>=>C:\WINDOWS\system32\pphcl1qj0ee81.exe (disk) Move failed
2. C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1022\ A0140927.exe Infected: Trojan.FakeAlert.ZE
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1022\
A0140927.exe Disinfection failed
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1022\
A0140927.exe Moved
Thank you for any help!
Comments
-
Hello anon,
Please open task manager by pressing : ctrl+alt+del(ete) or ctrl+left shift+escape. Be sure that the processes tab is high lighted press 1x on the process name colomn. See if you find a process running that is called pphcl1qj0ee81.exe. If that is the case please select it by left clicking on it and press on end task. Search also if there are any processes with random letters and numbers and processes with this name : XPAntivirus.exe
XPAntivirusUpdate.exe
xpa.exe
xpa2008.exe
If so end them all.
After that please go to start,my computer,double click on the icon off your hard disk with has in your case c: as name. Open the windows folder,right click on the system 32 folder and click on BitDefender Antivirus v10 and perform a scan. See if BitDefender can remove it now.
Please do this for the detections found in system volume information. Click on start,right click on my computer,choose properties,press on the system restore tab. Check the box disable system restore on all stations. Confirm the warning. Wait till everything is greyed out. After you have done that uncheck the option disable system restore on all stations press on apply and ok.
Kind regards,
Niels0 -
Neils,
I appreciate the help. This did not quite work. I have attached a few print screens of my current open processes and the BD scan of System 32..Any other thoughts.
Thanks0 -
Hello anon,
I can still see the process called pphcl1qj0ee81.exe running. Or was this a screenshot after you ran the scan?
Please download Deckard's System Scanner or here. You need to save it on your desktop. Close all other applications and windows. First right click on dss(.exe) and choose for run as administrator. Now double click on dss(.exe) Confirm the warnings. It can take a while. Please copy the content of main and extra textfiles. Extra will be minimized and paste it at your next post. Because it will be large spread them about a few posts.
Kind regards,
Niels0
