Jump to content

severn

Members
  • Posts

    3
  • Joined

  • Last visited

Reputation

0 Neutral
  1. The MBAM scan shows there to be one, I scanned again just after sending you that log and its still there? Vendor - Trojan.Zaccess Category - Registry Key Item - HKLM\SYSTEM\CurrentControlSet\Services\letadpug Thank you.
  2. RogueKiller V8.6.8 [sep 2 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : tonyburrows [Admin rights] Mode : Scan -- Date : 09/03/2013 15:38:28 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 3 ¤¤¤ [HID SVC][Hidden from API] HKLM\[...]\CCSet\[...]\Services : . e () -> FOUND [HID SVC][Hidden from API] HKLM\[...]\CS001\[...]\Services : . e () -> FOUND [HID SVC][Hidden from API] HKLM\[...]\CS003\[...]\Services : . e () -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost 130.21.200.70 interact ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD5002AALX-00J37A0 +++++ --- User --- [MBR] c2492b95b633c1b450eae71348b08f72 [bSP] 319e50761544d0c0a3690b816c7affb4 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 476939 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_09032013_153828.txt >> RKreport[0]_D_09022013_115041.txt;RKreport[0]_D_09022013_115146.txt;RKreport[0]_D_09022013_120425.txt RKreport[0]_S_09022013_111654.txt;RKreport[0]_S_09022013_114959.txt;RKreport[0]_S_09022013_115140.txt RKreport[0]_S_09022013_120417.txt Thank you!
  3. Hi There, I have a user who was recently infected with a large number of viruses, most of which I could handle except for 1. After everything this Trojan.Zaccess virus remains? I have used MBAM, MBAR, Forefront, Rkill, Sophos, Ultimate boot CD, Rougekiller, TDSSkiller, AdwCleaner, ProcessExplorer, regdelnull and FRST. None have worked. As I have disconnected this machine from the network I was hoping someone with experience with this type of virus could help step me through a manual removal. Any and all help is welcome and would be greatly appreciated, if you require any information just let me know! Thank you, Ryan.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.