Bitd Repair Installs Malware
BitD was disabled by a previous attack & now periodically can update but can't run any OnDemand or Context scan. Doing a Repair restores the malware to its worst state: all rt-clk is disabled, any input field (wordpad, ..) is slowly filled with '~'s, and Tab key is used repeatedly to move focus of input.
I repeated what I did b4 by restoring a previous Registry using ERUNT so malware couldn't start up & then uninstalled BitD but the behavior persists. I dual boot XP which I am running on now.
Never got the BitD Rescue CD to work but I can:
1- Try burning Rescue CD again ): &/or
2- Install BitD on this OS, Unhide infected OS which will appear as last drive J, then run BitD on J alone (:
Any & all comments/suggestions are welcome. I have BartPE, PartMagic, & [removed] CD that r all bootable.
Your help is MUCH appreciated. Thanks- bye- Larry
Comments
1- Try burning Rescue CD again )
CD burned OK & all apps work but 0 NTFS partitions show on Desktop.
Rescue CD seems to be useless at least to me. Why write it in Linux? Just confuses everything.
Your help is MUCH appreciated. Thanks- bye- Larry
I bought BitD from http://www.citationsoft.com/contact.htm - any chance they infected it?
Your help is MUCH appreciated. Thanks- bye- Larry
Hello LarryL,
Try the BitDefender online scanner.
Can you please download combofix; you will find it here. Print the following instructions and read them carefully.
Please download disk heal. Install it, afterwards click on Start, My Computer, Program Files, Disk Heal, Disk Heal v1.48 and double click on Disk Heal .exe, click on the tweaks tab, after you have done that select security tweaks, uncheck the option disable right clicking and reboot your PC.
Try to download the installer package from this location:
Antivirus You need to click on bitdefender_antivirus_2009_32b.exe or if you are using a 64 bit version you need to click on x64 and download bitdefender_antivirus_2009_64b.exe.
Kind regards,
Niels
Greetings & thank you for your response.
Unfortunately I may only respond every 3-5 days because I have a pressing medical problem right now that everything else has taken a back seat to. So don't think that my tardy responses indicate a lack of effort on my part.
I've only had time to glance at your suggestions but I can tell you that the only two ways I can reliably run any software are either from a bootable CD or the second option in my original post: unhiding the infected operating system so it becomes drive (I) and using the scan engines that I can install on my backup system. The problem of course is that any registry scans that are done will be done on my backup system's registry, not the infected registry.
I did image the infected OS about every 10 days and I always keep about two but I don't know if it will go back far enough! I think I can go into the infected system with Bart's PE and determine just that and possibly just scratch the partition and restore a previous image.
Your help is MUCH appreciated.
Thanks- bye- Larry
Hello LarryL,
Try the BitDefender online scanner.
Hi Niels.
Restored Registry of 10/14 of my infected OS & am now running on my main not my backup system.
BitD online scanner would load but not d/l signatures.
Did run Threatfire scanner + online scanners of Kaspersky & TrendMicro & MS. Each found 0 to 2 trojans of mild severity which I deleted.
Processes running r all familiar as are all startups in 8 or so Registry locations. Used http://www.bleepingcomputer.com/forums/How...are-tut101.html .
I may install latest BitD in Safe Mode since trojan seems to know a lot about BitD!! Maybe I should install a different AV?
Any & all comments/suggestions are welcome.
Your help is MUCH appreciated. Thanks- bye- Larry
Try the BitDefender online scanner.
Got BitD installed but no Tray icon. Did Full System Scan (then I had an icon in the Tray) that found nothing.
Do u agree it must be gone? Any & all comments/suggestions are welcome.
Your help is MUCH appreciated. Thanks- bye- Larry
First of all the installation kit should be one from the bitdefender website, BD ftp server or from a genuine disc.
Second install Spybot Search & Destroy, Malwarebytes Antimalware, SuperAntiSpyware, Prevx CSI, Dr.Web CureIt, a-squared antimalware free and F-Secure Blacklight. Use all these free scanners (one by one) and after updating them run full system scans with the network adapter turned off, system restore on all partitions turned off, recycle bin turned off and Recycled folders deleted on all partitions, temp folders cleaned up.
When the scanners allow you to run them in safe mode do the scans in safe mode.
Also before reinstalling BD use the BD Uninstall Tool and reinstall/repair Microsoft Visual C++ 2005/2008 Redistributable.
Terminal Services service should be enabled in Windows Services otherwise the task bar icon may not appear.
If the problems continue you will need to do a clean Windows installation eventually.
Any other security software should be removed before installing BD and all traces of that software should also be removed.
Do not use cracked software or keygens on your computer; in 99% of the cases they install malware (trojans, rootkits).
Good Luck!
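An added example, not part of the post above and not BitDefender's own tooling: a Windows PowerShell check for two points from this checklist, that the installer comes from the vendor and that Terminal Services is not disabled. It assumes the installer carries an Authenticode signature; the default path and the expected signer substring are assumptions to adjust.

```powershell
# Added example: pre-install checks (Windows PowerShell, uses Get-WmiObject).
param(
    # Assumed location of the downloaded installer named in the thread.
    [string]$InstallerPath = ".\bitdefender_antivirus_2009_32b.exe",
    # Assumed substring of the signing certificate's subject.
    [string]$ExpectedSigner = "BitDefender"
)

function Test-InstallerSignature {
    param([string]$Path, [string]$Signer)
    if (-not (Test-Path -LiteralPath $Path)) {
        return "MISSING: $Path not found"
    }
    # Status is 'Valid' only if the file is signed, unmodified since
    # signing, and the certificate chains to a trusted root.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($sig.Status -ne 'Valid') {
        return "FAIL: signature status is $($sig.Status)"
    }
    $subject = $sig.SignerCertificate.Subject
    if ($subject -notlike "*$Signer*") {
        return "FAIL: signed by unexpected publisher: $subject"
    }
    return "OK: valid signature from $subject"
}

function Get-TerminalServicesState {
    # TermService is the service name behind "Terminal Services".
    $svc = Get-WmiObject -Class Win32_Service -Filter "Name='TermService'"
    if ($null -eq $svc) { return "MISSING: TermService not present" }
    if ($svc.StartMode -eq 'Disabled') {
        return "FAIL: TermService is Disabled (tray icon may not appear)"
    }
    return "OK: TermService StartMode=$($svc.StartMode), State=$($svc.State)"
}

Test-InstallerSignature -Path $InstallerPath -Signer $ExpectedSigner
Get-TerminalServicesState
```

A FAIL on the signature check means the file should not be run; download the kit again from the vendor's site instead.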
First of all the installation kit should be one from the bitdefender website, BD ftp server or from a genuine disc.
Terminal Services service should be enabled in Windows Services otherwise the task bar icon may not appear.
Any other security software should be removed before installing BD and all traces of that software should also be removed.
Do not use cracked software or keygens on your computer; in 99% of the cases they install malware (trojans, rootkits).
Greetings 'Sm3K3R' & thank you for your response.
All of the above was helpful but Terminal Services was disabled so setting it to Auto solved the problem.
Your help is MUCH appreciated. Thanks- bye- Larry
Glad I could help you!
@ LarryL
Next time when you post warez here, your account will be suspended.
Sorry but I didn't mean to: I posted no link to it & my cd was made 2+ yrs ago & caused no problems. Is there a master list of what is warez? How does 1 know?
Your help is MUCH appreciated. Thanks- bye- Larry