Jump to content

mrsarcazim

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Your services are so valuable to us all, thank you. I will know who to send people to when they have issues.

  2. I saved the Log from the combo fix, it this the correct thing to send? I grabed it on my way to work before reading to grab the C:\ComboFix.txt I will get that posted too if it is different from the log log.txt
  3. FRST.txt and Search are attached. I would like to fix this then do a back-up of the files on this pc, then re-install windows. is there any danger of the trojen still being around after the back-up? FRST.txt Search.txt
  4. RogueKiller V7.6.6 [08/10/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User: emyat [Admin rights] Mode: Scan -- Date: 08/13/2012 17:07:49 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 4 ¤¤¤ [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ [ZeroAccess][FILE] @ : c:\windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\@ --> FOUND [ZeroAccess][FOLDER] U : c:\windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\U --> FOUND [ZeroAccess][FOLDER] L : c:\windows\installer\{cd7802cc-a39a-b44f-b31f-f3425259e786}\L --> FOUND [ZeroAccess][FILE] Desktop.ini : c:\windows\assembly\gac_32\desktop.ini --> FOUND [ZeroAccess][FILE] Desktop.ini : c:\windows\assembly\gac_64\desktop.ini --> FOUND [susp.ASLR][ASLR WIPED-OFF] services.exe : c:\windows\system32\services.exe --> FOUND ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST932032 5AS SATA Disk Device +++++ --- User --- [MBR] aebd6e46a75de7ae16bda5ac3233c2a5 [bSP] 4148003b3760080fa28a9622efdf9e22 : Windows Vista/7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 288217 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 590678016 | Size: 16724 Mo 3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 624928768 | Size: 103 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt
  5. I have been recently getting audio playing after the computer starts up. It sounds like ads and infomercials, and is pretty random. we have run many scans with malwarebytes pro and it sees the SVCHOST and when it tries to delete, my computer will not start up correctly. Attach.txt DDS.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.