Trojan.fakeav.ki
Ok I have a trojan that bit defender cant get rid of. I have ran a scan a few times also started in safe mode. It runs IE and the only way i see it is to go into task manager/processes.
BitDefender Log File
Product : BitDefender Total Security 2009
Version : BitDefender UIScanner v.12
Scanning task : Deep System Scan
Log date : 5/14/2009 10:29:49 AM
Log path : C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1242322189_3_02.xml
Scan Paths:Path 0000: C:\
Path 0001: 
\
Path 0002: E:\
Scan Options:Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : Yes
Target Selection Options:Scan registry keys : Yes
Scan cookies : Yes
Scan boot sectors : Yes
Scan memory processes : Yes
Scan archives : Yes
Scan runtime packers : Yes
Scan emails : No
Scan all files : Yes
Heuristic Scan : Yes
Scanned extensions :
Excluded extensions :
Target Processing:Default action for infected objects : Disinfect
Default action for suspicious objects : None
Default action for hidden objects : None
Default action for encrypted infected objects : None
Default action for encrypted suspicious objects : None
Default action for password-protected objects : Log as not scanned
Scan engines summaryNumber of virus signatures : 2970515
Archive plugins : 45
Email plugins : 6
Scan plugins : 13
System plugins : 5
Unpack plugins : 7
Overall scan summaryScanned items : 219207
Infected items : 14
Suspicious items : 0
Resolved items : 0
Unresolved items : 272
Password-protected items : 258
Overcompressed items : 0
Individual viruses found : 14
Scanned directories : 9758
Scanned boot sectors : 0
Scanned archives : 4128
Input-output errors : 0
Scan time : 00:43:36
Files per second : 83
Scanned processes summaryScanned : 60
Infected : 0
Scanned registry keys summaryScanned : 1331
Infected : 0
Scanned cookies summaryScanned : 253
Infected : 0
Remaining issues:Object Name Threat Name Final Status
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
\\?\globalroot\systemroot\system32\UACttaqnovbwxyekfa.dll Trojan.FakeAV.KI Disinfect Failed
Comments
-
hey there
this thread should help you out quite a bit...
I had this problem last night. It's a pretty easy fix.
http://forum.bitdefender.com/index.php?sho...amp;#entry57876
What I did was I downloaded combofix.exe, changed its name (the virus will prevent you from running it unless you change it to something), run it, and it will find the rootkits and get rid of them in a heartbeat.0
