How Can I Remove

What can I do to remove these trojans? Please help.

Comments

  • rootkit

    Post here the scan log. :)

  • BitDefender Log File !!!!!


    Product : BitDefender Total Security 2008


    Version : BitDefender UIScanner v.11


    Log date : 16:07:16 25/09/2008


    Log path : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\deep_scan\1222380436_1_02.xml


    Scan Paths:


    Path0000: C:\


    Path0001: D:\


    Path0002: E:\


    Scan Options:


    Scan for viruses : Yes


    Scan for adware : Yes


    Scan for spyware : Yes


    Scan for applications : Yes


    Scan for dialers : Yes


    Scan for rootkits : Yes


    Target selection options:


    Scan registry keys : Yes


    Scan cookies : Yes


    Scan boot sectors : Yes


    Scan memory processes : Yes


    Scan archives : Yes


    Scan runtime packers : Yes


    Scan emails : Yes


    Scan all files : Yes


    Heuristic Scan : Yes


    Scanned extensions :


    Excluded extensions :


    Target Processing


    Default action for infected objects : Disinfect


    Default action for suspicious objects : None


    Default action for hidden objects : None


    Scan engines summary


    Number of virus signatures : 1809667


    Archive plugins : 43


    Email plugins : 6


    Scan plugins : 12


    Archive plugins : 43


    System plugins : 5


    Unpack plugins : 7


    Overall scan summary


    Scanned items : 357273


    Infected items : 12


    Suspicious items : 0


    Resolved items : 0


    Individual viruses found : 7


    Scanned directories : 7870


    Scanned boot sectors : 11


    Scanned archives : 13811


    Input-output errors : 58


    Scan time : 00:02:03:02


    Files per second : 48


    Scanned processes summary


    Scanned : 56


    Infected : 0


    Scanned registry keys summary


    Scanned : 371


    Infected : 0


    Scanned cookies summary


    Scanned : 0


    Infected : 0


    Remaining issues:


    Object Name | Threat Name | Final Status


    C:\Documents and Settings\Mohamed\Local Settings\Temp\sfsrv.exe=](ZIP Sfx o)=]4.exe Trojan.Agent.AAUX Infected (no action was possible, file was in an archive)


    C:\Documents and Settings\Mohamed\Local Settings\Temp\sfsrv.exe=](ZIP Sfx o)=]5.exe=](ZIP Sfx o)=]MSA.cpl Trojan.FakeAV.AO Infected (no action was possible, file was in an archive)


    C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]MSA.cpl Trojan.FakeAV.AO Infected (no action was possible, file was in an archive)


    C:\Documents and Settings\Mohamed\Local Settings\Temp\sfsrv.exe=](ZIP Sfx o)=]0.exe Trojan.FakeAV.BH Infected (no action was possible, file was in an archive)


    C:\Documents and Settings\Mohamed\Local Settings\Temp\sfsrv.exe=](ZIP Sfx o)=]5.exe=](ZIP Sfx o)=]msa0.dat Trojan.FakeAlert.ACZ Infected (no action was possible, file was in an archive)


    C:\Documents and Settings\Mohamed\Local Settings\Temp\sfsrv.exe=](ZIP Sfx o)=]5.exe=](ZIP Sfx o)=]msa1.dat Trojan.FakeAlert.ACZ Infected (no action was possible, file was in an archive)


    C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]msa0.dat Trojan.FakeAlert.ACZ Infected (no action was possible, file was in an archive)


    C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]msa1.dat Trojan.FakeAlert.ACZ Infected (no action was possible, file was in an archive)


    C:\Documents and Settings\Mohamed\Local Settings\Temp\sfsrv.exe=](ZIP Sfx o)=]5.exe=](ZIP Sfx o)=]MSA.exe Trojan.FakeAlert.AEO Infected (no action was possible, file was in an archive)


    C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]MSA.exe Trojan.FakeAlert.AEO Infected (no action was possible, file was in an archive)


    C:\Documents and Settings\Mohamed\Local Settings\Temp\sfsrv.exe=](ZIP Sfx o)=]2.exe Trojan.Generic.598275 Infected (no action was possible, file was in an archive)


    C:\Documents and Settings\Mohamed\Local Settings\Temp\sfsrv.exe=](ZIP Sfx o)=]3.exe Trojan.Generic.598382 Infected (no action was possible, file was in an archive)


    Resolved issues:


    Object Name | Threat Name | Final Status


    Objects that were not scanned:


    Object Name | Reason | Final Status


    C:\SWSETUP\Adobe2\US\Data1.cab=]RdrMsgENU.pdf Password-Protected No action was possible

  • rootkit

    First of all read this: http://forum.bitdefender.com/index.php?showtopic=3575


    After this...


    Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.


    http://www.atribune.org/ccount/click.php?id=1


    Double-click ATF Cleaner.exe to open it


    Under Main choose: Select all


    Then click the Empty Selected button.


    If you use Firefox:


    Click Firefox at the top and choose: Select All


    Click the Empty Selected button.


    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.


    If you use Opera:


    Click Opera at the top and choose: Select All


    Click the Empty Selected button.


    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.


    Click Exit on the Main menu to close the program.


    Do a rescan with BitDefender and come back here with the log. :)

  • Hi crysty2ks


    Thanks in advance.


    Here is the scan result after using ATF-Cleaner:


    BitDefender Log File !!!!!


    Product : BitDefender Total Security 2008


    Version : BitDefender UIScanner v.11


    Log date : 14:48:56 26/09/2008


    Log path : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\deep_scan\1222462136_1_02.xml


    Scan Paths:


    Path0000: C:\


    Path0001: D:\


    Path0002: E:\


    Scan Options:


    Scan for viruses : Yes


    Scan for adware : Yes


    Scan for spyware : Yes


    Scan for applications : Yes


    Scan for dialers : Yes


    Scan for rootkits : Yes


    Target selection options:


    Scan registry keys : Yes


    Scan cookies : Yes


    Scan boot sectors : Yes


    Scan memory processes : Yes


    Scan archives : Yes


    Scan runtime packers : Yes


    Scan emails : Yes


    Scan all files : Yes


    Heuristic Scan : Yes


    Scanned extensions :


    Excluded extensions :


    Target Processing


    Default action for infected objects : Disinfect


    Default action for suspicious objects : None


    Default action for hidden objects : None


    Scan engines summary


    Number of virus signatures : 1815679


    Archive plugins : 43


    Email plugins : 6


    Scan plugins : 12


    Archive plugins : 43


    System plugins : 5


    Unpack plugins : 7


    Overall scan summary


    Scanned items : 355479


    Infected items : 4


    Suspicious items : 0


    Resolved items : 0


    Individual viruses found : 3


    Scanned directories : 7799


    Scanned boot sectors : 11


    Scanned archives : 13783


    Input-output errors : 60


    Scan time : 00:02:06:32


    Files per second : 46


    Scanned processes summary


    Scanned : 54


    Infected : 0


    Scanned registry keys summary


    Scanned : 371


    Infected : 0


    Scanned cookies summary


    Scanned : 0


    Infected : 0


    Remaining issues:


    Object Name | Threat Name | Final Status


    C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]MSA.cpl Trojan.FakeAV.AO Infected (no action was possible, file was in an archive)


    C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]msa0.dat Trojan.FakeAlert.ACZ Infected (no action was possible, file was in an archive)


    C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]msa1.dat Trojan.FakeAlert.ACZ Infected (no action was possible, file was in an archive)


    C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]MSA.exe Trojan.FakeAlert.AEO Infected (no action was possible, file was in an archive)


    Resolved issues:


    Object Name | Threat Name | Final Status


    Objects that were not scanned:


    Object Name | Reason | Final Status


    C:\SWSETUP\Adobe2\US\Data1.cab=]RdrMsgENU.pdf Password-Protected No action was possible

  • OK, do this:


    Right click on My Computer, then go to Properties -> System Restore. In that tab, enable the option Disable System Restore on all drives and click Apply.


    This will delete the following:


    C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]MSA.cpl Trojan.FakeAV.AO Infected (no action was possible, file was in an archive)


    C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]msa0.dat Trojan.FakeAlert.ACZ Infected (no action was possible, file was in an archive)


    C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]msa1.dat Trojan.FakeAlert.ACZ Infected (no action was possible, file was in an archive)


    C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]MSA.exe Trojan.FakeAlert.AEO Infected (no action was possible, file was in an archive)


    If this is a virus:


    C:\SWSETUP\Adobe2\US\Data1.cab=]RdrMsgENU.pdf


    (and you confirmed it)


    Download Unlocker:


    www.download.com/Unlocker/3000-2248_4-10493998.html


    When it is installed, right-click on the Data1.cab=]RdrMsgENU.pdf file and press Unlock! Then you can take it from there and delete it.

  • rootkit

    I told you to read this: http://forum.bitdefender.com/index.php?showtopic=3575


    You will "kill" the viruses from System Volume Information.
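
Added example, not part of the original thread and not BitDefender code: a small triage script that groups the "Remaining issues" rows by outer container, to show which detections sit in the Temp folder (handled by the temp-file cleanup) and which sit in a System Restore point (handled by disabling System Restore). It assumes `=]` separates a container from its nested members and that parenthesised tokens such as `(ZIP Sfx o)` are unpacker annotations; the function names are hypothetical.

```python
import re
from collections import defaultdict

# Sample rows copied from the two scan logs posted in this thread.
SAMPLE = r"""
C:\Documents and Settings\Mohamed\Local Settings\Temp\sfsrv.exe=](ZIP Sfx o)=]4.exe Trojan.Agent.AAUX Infected (no action was possible, file was in an archive)
C:\Documents and Settings\Mohamed\Local Settings\Temp\sfsrv.exe=](ZIP Sfx o)=]5.exe=](ZIP Sfx o)=]MSA.cpl Trojan.FakeAV.AO Infected (no action was possible, file was in an archive)
C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]MSA.cpl Trojan.FakeAV.AO Infected (no action was possible, file was in an archive)
C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP44\A0006800.exe=](ZIP Sfx o)=]MSA.exe Trojan.FakeAlert.AEO Infected (no action was possible, file was in an archive)
"""

# Object path (may contain spaces), then threat name, then the final status.
ROW = re.compile(r"^(?P<obj>.+?)\s+(?P<threat>\S+)\s+(?P<status>Infected\b.*)$")
ANNOTATION = re.compile(r"^\(.*\)$")  # assumed unpacker marker, e.g. "(ZIP Sfx o)"

def parse_row(line):
    """Split one 'Remaining issues' row into container, nested members, threat."""
    m = ROW.match(line.strip())
    if not m:
        return None
    parts = m["obj"].split("=]")  # assumed nesting separator
    return {"container": parts[0],
            "members": [p for p in parts[1:] if not ANNOTATION.match(p)],
            "threat": m["threat"], "status": m["status"]}

def location(container):
    """Classify the on-disk file that actually has to be removed."""
    p = container.lower()
    if "\\system volume information\\_restore" in p:
        return "system-restore"
    if "\\temp\\" in p:
        return "temp"
    return "other"

def triage(log_text):
    """Return {location: {container: [threat names]}} for all infected rows."""
    out = defaultdict(lambda: defaultdict(set))
    for line in log_text.splitlines():
        row = parse_row(line)
        if row:
            out[location(row["container"])][row["container"]].add(row["threat"])
    return {loc: {c: sorted(t) for c, t in cs.items()} for loc, cs in out.items()}

if __name__ == "__main__":
    for loc, containers in triage(SAMPLE).items():
        for container, threats in containers.items():
            print(f"[{loc}] {container}: {', '.join(threats)}")
```

Every row in both logs resolves to one of two files on disk, `sfsrv.exe` in Temp and `A0006800.exe` in restore point RP44, which is why the scanner reports "no action was possible" on the nested members.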