Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Trogan.heur.fu.gqz@acp5atm, Cannot remove torgan
SiulverPoint
post Apr 29 2012, 12:56 PM
Post #1


Newbie


Group: Members
Posts: 6
Joined: 10-December 11
Member No.: 84,367



Bitdefender Intternet Security 2012 reports that I have the Trogan.Heur.FU.gqz@aCp5atm trogan on my laptop and it cannot remove it. It talks about rebooting in rescue mode to remove it. What is that? How do I do that? Why cannot bit defender remove the virus?
Go to the top of the page
 
+Quote Post
Christian
post Apr 29 2012, 02:39 PM
Post #2


Bitdefender Support
******

Group: Root Admin
Posts: 14,012
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Hello (IMG:style_emoticons/default/smile.gif)

Welcome to the forums.

Do you have a ticket ID in the system? Could you please post it here?

In order to be able to assist you please run a Full System Scan task with Bitdefender and send us the resulting scan report.

[how to GENERATE A FULL SYSTEM SCAN LOG]
- Before running the scan please make sure that you have the latest virus definitions downloaded via the Update module.
For this you need to open Bitdefender and from the main interface click on Update now;

- After the update process has completed successfully you can proceed to
running the scan task.
In the same window go to Antivirus and press the Scan now button =>Full system scan.
- After the scan has finished you need to submit the scan log file.

This is accomplished by running the Support tool file that can be
downloaded from this location:

http://www.bitdefender.com/files/Knowledge...or_scanlogs.exe

Save the file prior to running it and to continue you need to accept the terms of use.
At the end of this process an archive will be created on your Desktop starting with bdamst.
. Send me that file via PM.

Have a great weekend!
Go to the top of the page
 
+Quote Post
SiulverPoint
post Apr 29 2012, 04:43 PM
Post #3


Newbie


Group: Members
Posts: 6
Joined: 10-December 11
Member No.: 84,367



QUOTE (Christian @ Apr 29 2012, 02:39 PM) *
Hello (IMG:style_emoticons/default/smile.gif)

Welcome to the forums.

Do you have a ticket ID in the system? Could you please post it here?

In order to be able to assist you please run a Full System Scan task with Bitdefender and send us the resulting scan report.

[how to GENERATE A FULL SYSTEM SCAN LOG]
- Before running the scan please make sure that you have the latest virus definitions downloaded via the Update module.
For this you need to open Bitdefender and from the main interface click on Update now;

- After the update process has completed successfully you can proceed to
running the scan task.
In the same window go to Antivirus and press the Scan now button =>Full system scan.
- After the scan has finished you need to submit the scan log file.

This is accomplished by running the Support tool file that can be
downloaded from this location:

http://www.bitdefender.com/files/Knowledge...or_scanlogs.exe

Save the file prior to running it and to continue you need to accept the terms of use.
At the end of this process an archive will be created on your Desktop starting with bdamst.
. Send me that file via PM.

Have a great weekend!


I am not sure what a ticket id is

I am currently running fiull scan again to send to you

A few odd things I have noticed. Each time I run the full scan it finds about 90 cookies which it detects and deletes, with just the Trogan.Heur.FU which it cannot remove. However when I go back and run the scan again the 90 odd items are found again. I can see that they have been found again in the current scan I will be sending you

I also found the rescue mode functionality earlier and booted into it, but it could not find the trogan anywhere.

Other than the fact that Bit Defender shows we have this Trogan, the obvious sympton is that when you log into one of the accounts (which is not admin), the tiles pop up asking you to provide an admin password because something is trying to make a change to the file system. Obviously I just click No each time.
Go to the top of the page
 
+Quote Post
SiulverPoint
post Apr 29 2012, 05:13 PM
Post #4


Newbie


Group: Members
Posts: 6
Joined: 10-December 11
Member No.: 84,367



Christian,

I did the scan and ran the logging tool to create a file called BDAMST.zip on my desktop but when I try and attach it in these forums it says the upload fialed because you are not permitted to upload this type of file...

Go to the top of the page
 
+Quote Post
Christian
post Apr 29 2012, 06:21 PM
Post #5


Bitdefender Support
******

Group: Root Admin
Posts: 14,012
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Hello (IMG:style_emoticons/default/smile.gif)

Welcome back!

Upload the file on:

http://www.sendspace.com

or

http://www.mediafire.com

and send me a PM with the download link.

If you were already asked to generate the log file, disregard the message above and just post the ticket ID.

Have a nice day!
Go to the top of the page
 
+Quote Post
SiulverPoint
post Apr 30 2012, 07:44 AM
Post #6


Newbie


Group: Members
Posts: 6
Joined: 10-December 11
Member No.: 84,367



Christian

The file is found at http://www.sendspace.com/file/nt6a5x

However, since the strange admin prompt on login was only happening on the one user I decided to simply delete that user completely from the laptop and create it again from scratch

Since I did that, Bit Defender no longer detects the trogan on doing a scan. This seems too simple as a way to remove a virus to me. What do you think?
Go to the top of the page
 
+Quote Post
Christian
post Apr 30 2012, 09:54 AM
Post #7


Bitdefender Support
******

Group: Root Admin
Posts: 14,012
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Hello (IMG:style_emoticons/default/smile.gif)

I can see from the scan logs that you are using an old Java version.

Please clear Java cache:

http://www.java.com/en/download/help/plugin_cache.xml

Go to Control Panel an uninstall all the current versions and install Java 7 Update 4.

http://www.oracle.com/technetwork/java/jav...ad-1591157.html

For 32 bit systems install jre-7u4-windows-i586.exe

For 64 bit systems, please install jre-7u4-windows-i586.exe and jre-7u4-windows-x64.exe (in this order).

Download and install the software and then run it to clean your computer's registry and temporary files:

http://download.piriform.com/ccsetup318.exe

http://www.piriform.com/docs/ccleaner/usin...gistry-cleaning

Once the cleaning is complete it's recommended to restart your computer.

If you have a registry cleaner already installed, you can use that one.

After this, update Bitdefender from the main interface, run a Full System Scan and send me back the logs like you did last time.

Take care.
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 24th November 2014 - 03:42 AM