Am Bitdefender Internet Security 2008

Am BitDefender Internet Security 2008 cu licenta pana in 2009 si azi la scanare mi-a gasit "Rogue.AntiVirus XP 2008" si "Trojan.Dropper/Gen" apoi s-a blocat calculatorul ,i-am dat restart manual an "safe mode" ,am rescanat ,iar la repornire normala am urmatoarele probleme:


- in toolbars langa ceas apare "VIRUS ALERT!"


- pe ecran apare "Windows warning message", si nu pot sa mai schimb imaginea de pe desktop


- nu pot sa mai fac sistem restore (nu mai am decat un singur punct de restore ,cel de azi)


- in bara de start-menu nu mai am niciun program


-nu mai am partitia C in my computer


Am facut alt user si totul este normal , cum pot sa refac si userul existent la normal.


Multumesc!

Comentarii

  • Descarca Malwarebytes Anti-Malware si salveaza-l pe Desktop.


    Instaleaza-l si la sfarsit asigura-te ca ai bifat urmatoarele: Update Malwarebytes' Anti-Malware si Launch Malwarebytes' Anti-Malware. Apoi apasa Finish.


    Dupa lansarea programului, selecteaza Perform full scan si apoi apasa pe Scan.


    La terminarea scanarii apasa OK si apoi Show Results. Asigura-te ca e totul bifat si apoi apasa Remove Selected.


    La final se va deschide un fisier in Notepad cu rezultatele scanarii. Posteaza continutul lui aici.

  • eugennico
    editat septembrie 2008

    Am descarcat programul dar nu pot sa-l instalez zice ca nu sant logat cu drepturi de administrator desi sant singurul administrator pe calculator ,nu mai pot instala niciun program sau sa mut vreun fisier zice ca e folosit sau e protejat....


    Malwarebytes' Anti-Malware 1.26


    Versiunea bazei de date: 1104


    Windows 5.1.2600 Service Pack 2


    02.09.2008 20:19:26


    mbam-log-2008-09-02 (20-19-17).txt


    Tipul scanarii: Scanare rapida


    Obiecte scanate: 52219


    Timp trecut: 2 minute(s), 0 second(s)


    Procese din memorie afectate: 0


    Module de memorie afectate: 0


    Chei de registri infectate: 9


    Valori din registri afectate: 2


    Elemente din registri infectate: 1


    Foldere infectate: 11


    Fisiere infectate: 11


    Procese din memorie afectate:


    (Nici un element periculos nu a fost detectat)


    Module de memorie afectate:


    (Nici un element periculos nu a fost detectat)


    Chei de registri infectate:


    HKEY_CLASSES_ROOT\sai.instantiator (Adware.180Solutions) -> No action taken.


    HKEY_CLASSES_ROOT\sai.instantiator.1 (Adware.180Solutions) -> No action taken.


    HKEY_CLASSES_ROOT\CLSID\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> No action taken.


    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> No action taken.


    HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> No action taken.


    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> No action taken.


    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> No action taken.


    HKEY_CLASSES_ROOT\gksraemq.bgow (Trojan.FakeAlert) -> No action taken.


    HKEY_CLASSES_ROOT\gksraemq.toolbar.1 (Trojan.FakeAlert) -> No action taken.


    Valori din registri afectate:


    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectD


    elayLoad\dgksvbpn (Trojan.FakeAlert) -> No action taken.


    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectD


    elayLoad\xrdwbfgn (Trojan.FakeAlert) -> No action taken.


    Elemente din registri infectate:


    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (55274-649-1088227-23404) -> No action taken.


    Foldere infectate:


    C:\Documents and Settings\Eugen\Application Data\rhctfvj0e9cc (Rogue.Multiple) -> No action taken.


    C:\Documents and Settings\Eugen\Application Data\rhctfvj0e9cc\Quarantine (Rogue.Multiple) -> No action taken.


    C:\Documents and Settings\Eugen\Application Data\rhctfvj0e9cc\Quarantine\Autorun (Rogue.Multiple) -> No action taken.


    C:\Documents and Settings\Eugen\Application Data\rhctfvj0e9cc\Quarantine\Autorun\HKCU (Rogue.Multiple) -> No action taken.


    C:\Documents and Settings\Eugen\Application Data\rhctfvj0e9cc\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> No action taken.


    C:\Documents and Settings\Eugen\Application Data\rhctfvj0e9cc\Quarantine\Autorun\HKLM (Rogue.Multiple) -> No action taken.


    C:\Documents and Settings\Eugen\Application Data\rhctfvj0e9cc\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> No action taken.


    C:\Documents and Settings\Eugen\Application Data\rhctfvj0e9cc\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> No action taken.


    C:\Documents and Settings\Eugen\Application Data\rhctfvj0e9cc\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> No action taken.


    C:\Documents and Settings\Eugen\Application Data\rhctfvj0e9cc\Quarantine\BrowserObjects (Rogue.Multiple) -> No action taken.


    C:\Documents and Settings\Eugen\Application Data\rhctfvj0e9cc\Quarantine\Packages (Rogue.Multiple) -> No action taken.


    Fisiere infectate:


    C:\WINDOWS\system32\blphcpfvj0e9cc.scr (Trojan.FakeAlert) -> No action taken.


    C:\WINDOWS\system32\tdssadw.dll (Trojan.Agent) -> No action taken.


    C:\WINDOWS\system32\tdssl.dll (Trojan.Agent) -> No action taken.


    C:\WINDOWS\system32\tdssserf.dll (Trojan.Agent) -> No action taken.


    C:\WINDOWS\system32\tdssmain.dll (Trojan.Agent) -> No action taken.


    C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> No action taken.


    C:\WINDOWS\system32\tdsslog.dll (Trojan.Agent) -> No action taken.


    C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> No action taken.


    C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> No action taken.


    C:\WINDOWS\system32\phcpfvj0e9cc.bmp (Trojan.FakeAlert) -> No action taken.


    C:\Documents and Settings\Eugen\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> No action taken.


    Sa rezolvat cate ceva


    MULTUMESC!!!!

  • rootkit
    rootkit ✭✭✭
    editat septembrie 2008

    Ba nu s-a rezolvat !


    De ce ai dat scanare rapida ? Da-i completa !!!!!!!


    Ai bifat alea toate si ai dat remove ?


    Se vede in log ca nu: No action taken.


    Ruleaza inca o data scanul(dar complet de data asta) si da-i remove la tot ce gaseste !


    Revii cu log-ul aici !

  • Malwarebytes' Anti-Malware 1.26


    Versiunea bazei de date: 1103


    Windows 5.1.2600 Service Pack 2


    03.09.2008 10:17:01


    mbam-log-2008-09-03 (10-17-01).txt


    Tipul scanarii: Scanare totala (C:\|D:\|E:\|)


    Obiecte scanate: 243018


    Timp trecut: 12 hour(s), 40 minute(s), 28 second(s)


    Procese din memorie afectate: 0


    Module de memorie afectate: 0


    Chei de registri infectate: 0


    Valori din registri afectate: 0


    Elemente din registri infectate: 0


    Foldere infectate: 0


    Fisiere infectate: 1


    Procese din memorie afectate:


    (Nici un element periculos nu a fost detectat)


    Module de memorie afectate:


    (Nici un element periculos nu a fost detectat)


    Chei de registri infectate:


    (Nici un element periculos nu a fost detectat)


    Valori din registri afectate:


    (Nici un element periculos nu a fost detectat)


    Elemente din registri infectate:


    (Nici un element periculos nu a fost detectat)


    Foldere infectate:


    (Nici un element periculos nu a fost detectat)


    Fisiere infectate:


    C:\System Volume Information\_restore{53BF4B56-77BD-4BCF-B18B-325F49C0D90D}\RP1\A0000001.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

  • Daca mai ai probleme, descarca SmitFraudFix. Ruleaza-l, alegi a doua optiune si totul va reveni la normal.


    SmitfraudFix_1.png