cra0

  1. Thank you MrCharlie for helping me out, your assistance saved me from a reformat. Much appreciated!!!

  2. I guess my system is running fine for now. Thank you so much for helping me out!
  3. Malwarebytes Anti-Malware 1.62.0.1300
     www.malwarebytes.org

     Database version: v2012.08.03.06

     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     Cihan :: SOLBUDAKHOME2 [administrator]

     4/08/2012 2:17:30 AM
     mbam-log-2012-08-04 (07-46-09).txt

     Scan type: Full scan (C:\|)
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 1117619
     Time elapsed: 3 hour(s), 6 minute(s), 14 second(s)

     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0

     (end)
  4. https://www.virustotal.com/file/e38eb7c934eb3070068f50bc5dddac3df7fa6a26a9c146c3d7c33fa1e2dab68f/analysis/1344009571/
  5. Ran Combofix, here is the log. My icons are moveable again, yeaaa! Hope all the viruses are gone.
     combo_fix_log.zip
  6. Followed your instructions and posted the log. I should also say that my desktop icons are glitched now: they won't stay in position, and when I refresh they all align back to the left-hand side.
     TDSSKiller.2.7.48.0_04.08.2012_00.47.35_log.txt
     Here is the Malwarebytes virus scan from before that I forgot to post. Thank you so much for taking the time to help me out!! Much appreciated.
     mbam-log-2012-08-03 (22-38-44).txt
  7. Fixlog.txt

     Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 25-07-2012 01
     Ran by SYSTEM at 2012-08-04 00:35:00 Run:1
     Running from J:\

     ==============================================

     C:\Windows\Installer\{36e31ede-48a4-4afa-3a3d-d6f343032cf4} moved successfully.

     ==== End of Fixlog ====
  8. OK, the scan is running; will post results when it's done. I should say I ran some antivirus that detected services.exe to be infected, and it removed and replaced it. Is that good?
  9. RogueKiller V7.6.4 [07/17/2012] by Tigzy
     mail: tigzyRK<at>gmail<dot>com
     Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Blog: http://tigzyrk.blogspot.com

     Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User: Cihan [Admin rights]
     Mode: Scan -- Date: 08/03/2012 22:48:32

     ¤¤¤ Bad processes: 0 ¤¤¤

     ¤¤¤ Registry Entries: 5 ¤¤¤
     [sUSP PATH] HKLM\[...]\RunOnce : DCERegBootClean64 (C:\Windows\RegBootClean64.exe) -> FOUND
     [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
     [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
     [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     ¤¤¤ Particular Files / Folders: ¤¤¤
     [ZeroAccess][FILE] @ : c:\windows\installer\{36e31ede-48a4-4afa-3a3d-d6f343032cf4}\@ --> FOUND
     [ZeroAccess][FOLDER] U : c:\windows\installer\{36e31ede-48a4-4afa-3a3d-d6f343032cf4}\U --> FOUND
     [ZeroAccess][FOLDER] L : c:\windows\installer\{36e31ede-48a4-4afa-3a3d-d6f343032cf4}\L --> FOUND

     ¤¤¤ Driver: [NOT LOADED] ¤¤¤

     ¤¤¤ Infection : ZeroAccess ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     74.208.10.249 gs.apple.com

     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: ST2000DL003-9VT166 ATA Device +++++
     --- User ---
     [MBR] 68788fbcb98bb2d3367fac5f84540b39
     [bSP] 3cfc57663abb2195f66e045b394cdbf0 : Windows 7 MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
     1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1907627 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     Finished : << RKreport[1].txt >>
     RKreport[1].txt