albrooks

RogueKiller V8.3.1 [Nov 29 2012] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version Started in : Normal mode User : Alex [Admin rights] Mode : Scan -- Date : 12/01/2012 20:55:34 ¤¤¤ Bad processes : 1 ¤¤¤ [sUSP PATH] SansaDispatch.exe -- C:\Users\Alex\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe -> KILLED [TermProc] ¤¤¤ Registry Entries : 6 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : SansaDispatch (C:\Users\Alex\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-232412378-3118420049-1387226345-1000[...]\Run : SansaDispatch (C:\Users\Alex\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ [ZeroAccess][FILE] @ : C:\Windows\Installer\{c75d2e20-8295-c66c-e7db-dd1ad177b5eb}\@ --> FOUND [ZeroAccess][FOLDER] U : C:\Windows\Installer\{c75d2e20-8295-c66c-e7db-dd1ad177b5eb}\U --> FOUND [ZeroAccess][FOLDER] L : C:\Windows\Installer\{c75d2e20-8295-c66c-e7db-dd1ad177b5eb}\L --> FOUND [ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini --> FOUND [ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_64\Desktop.ini --> FOUND [susp.ASLR][FILE] services.exe : C:\Windows\system32\services.exe --> FOUND ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD3200BEVT-26ZCT0 +++++ --- User --- [MBR] 76f7a621a0696ae31aa748887221febb [bSP] cd5988b3b6a3b05bf595ae3d20bada1e : Windows Vista MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 293256 Mo 2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 603662336 | Size: 10488 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_12012012_02d2055.txt >> RKreport[1]_S_12012012_02d2055.txt

# AdwCleaner v2.010 - Logfile created 12/01/2012 at 20:50:09 # Updated 29/11/2012 by Xplode # Operating system : Windows Vista Home Premium Service Pack 2 (64 bits) # User : Alex - ALEX-LAPTOP # Boot Mode : Normal # Running from : C:\Users\Alex\Downloads\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Deleted : HKLM\Software\Freeze.com Key Deleted : HKLM\SOFTWARE\Software ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\aybrdy52.default\prefs.js [OK] File is clean. ************************* AdwCleaner[s1].txt - [896 octets] - [01/12/2012 20:50:09] ########## EOF - C:\AdwCleaner[s1].txt - [955 octets] ##########

Results of screen317's Security Check version 0.99.56 Windows Vista Service Pack 2 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.65.1.1000 Java 6 Update 24 Java version out of Date! Adobe Flash Player 11.4.402.287 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox 16.0.2 Firefox out of Date! ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1 % ````````````````````End of Log``````````````````````

I'm currently using mozilla firefox and google chrome. When I try to click on a link after typing a topic in a search engine I'm being redicrect to a random site. Random tabs are opening as well. I can copy/paste the direct address, but not click and now can't sign in to any online accounts; I'm beind redirected to the sign in page. Attach.txt DDS.txt