
Done the restart. All looks well so far (opened this site easily). RogueKiller came back good (I think):

RogueKiller V7.6.3 [07/08/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: teng [Admin rights]

Mode: Scan -- Date: 07/14/2012 10:29:35

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 3 ¤¤¤

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK5065GSX +++++

--- User ---

[MBR] b920a0ccdea031bc9d9ac6253324ac86

[bSP] a410d9d5efb87cb824bf361decd494b6 : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15999 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 32768000 | Size: 100 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 32972800 | Size: 460839 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[26].txt >>

RKreport[10].txt ; RKreport[11].txt ; RKreport[12].txt ; RKreport[13].txt ; RKreport[14].txt ;

RKreport[15].txt ; RKreport[16].txt ; RKreport[17].txt ; RKreport[18].txt ; RKreport[19].txt ;

RKreport[1].txt ; RKreport[20].txt ; RKreport[21].txt ; RKreport[22].txt ; RKreport[23].txt ;

RKreport[24].txt ; RKreport[25].txt ; RKreport[26].txt ; RKreport[2].txt ; RKreport[3].txt ;

RKreport[4].txt ; RKreport[5].txt ; RKreport[6].txt ; RKreport[7].txt ; RKreport[8].txt ;

RKreport[9].txt

Just running a full MBAM scan for a final check. Also, could you give me some info on how to uninstall, and which antimalware programs I can uninstall and which logs etc. I can get rid of? Thanks so much


Great

Yes the log is clean, use it and run RogueKiller again tomorrow and if it shows any infections, let me know.

Let me know either way.

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste the next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /


Then hit enter.

This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

---------------------------------

Please download OTL from one of the links below: (you may already have OTL on the system)

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any other programs or logs you can manually delete.

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, etc....

MrC


Thanks so much for your help. I will let you know if RogueKiller detects anything tomorrow.

Also, just out of interest, is there anything I can do to remove the Win32/Ramnit.L virus, and am I currently infected with it?


Usually Win32/Ramnit.L virus infects hundreds of files, you only had one detected.

ESET Online Scanner usually picks them all up.

There's no way to clean the system, you just have to format and reinstall.

Here's a couple of links explaining it:

http://miekiemoes.bl...s-throwing.html

http://forums.malwar...ndpost&p=320816

MrC


I checked my MSE history and it found a Trojan: WinNT/Ramnit.gen!A last night. I'll run a scan now to check. But it couldn't delete it. This is the error message:

Error code 0x80508023. The program could not find the malware and other potentially unwanted software on this computer.


Thanks for the links. After reading all the information I think I'll backup my documents and just do a complete system restore (to factory settings). That should do it (right?). Thanks so much for all your help over the past few hours, you're awesome


Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.
