Infected W/ TrojanGen2 :( Help Appreciated
I will wait for further instruction. So it's all about 'location.' Since then my Symantec Endpoint protection has shown me scan after scan 20/30 trojan.gen and trojan.gen2 being quarantined. Thanks! If I run a scan it finds both the virus and says the problem is resolved only to find that they return almost as soon as the scan is finished. http://themousedepot.com/infected-w/infected-w-i-don-t-know-what.html
Please post the "C:\ComboFix.txt" for further review ****Note: Do not mouseclick combofix's window while it's running. But the instructions in DDS say:\ ** Include the contents of both logs in your new topic. So please do not use slang or idioms. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install.
Thanks as always.File Attachment: 09142012_163656.log Quads Norton Fighter25 Reg: 21-Jul-2008 Posts: 16,481 Solutions: 182 Kudos: 3,388 Kudos0 Re: Infected with Trojan.Gen.2 and Trojan.ZeroAccess. Posted: 05-Sep-2012 | 5:44PM • Permalink After Restarting the system, Start FSS and tick all the options that are listed, then run a Scan. Post back the log (FSS.txt) Quads Alex_790 Best regards, Dmitri If you would like to refer to this comment somewhere else in this project, copy and paste the following link: Log in to post a comment.
Thanks! Share this post Link to post Share on other sites This topic is now closed to further replies. Luckily I had a firefox browser so I was able to get onto that and download Ad-Aware and the problem was solved. You should decide which you want and uninstall the other: AV: Lavasoft Ad-Watch Live!
Need Help. In the command window type e:\frst.exe or frst64.exe and press EnterNote: Replace letter e with the drive letter of your flash drive. Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. check it out As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged
Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the Watch Quads Alex_790 Contributor4 Reg: 29-Aug-2012 Posts: 13 Solutions: 0 Kudos: 0 Kudos0 Re: Infected with Trojan.Gen.2 and Trojan.ZeroAccess. It is an active infection, but in the temp files. Who knows what will happen in future, as time goes by, everything might change.
If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at Then I can better recommend what to remove. C:\Windows\TEMP\mc28D9E.tmp The system cannot find the file specified. ! ? Posted: 08-Sep-2012 | 7:58AM • Permalink The scan results are posted.
Several functions may not work. this content cheers, scott DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.17420 BrowserJavaVersion: 10.71.2 Run by Scott at 22:31:53 on 2014-12-05 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.12270.8894 [GMT -6:00] . Thanks for your understanding. Now What Do I Do?
Thanks as always. Quads File Attachment: fixlist.txt Alex_790 Contributor4 Reg: 29-Aug-2012 Posts: 13 Solutions: 0 Kudos: 0 Kudos0 Re: Infected with Trojan.Gen.2 and Trojan.ZeroAccess. Dec 5, 2010 #10 kryspy99 TS Rookie Topic Starter Posts: 26 Hello Hi It may be a few days before I can do this next step.. weblink On the System Recovery Options menu you will get the following options: Startup RepairSystem RestoreWindows Complete PC RestoreWindows Memory Diagnostic ToolCommand Prompt Select Command Prompt In the command window type in notepad and
In the main box please paste in the following script: process; services-list; systemspecs; startupall; filesrcm; Make sure that Scan All Users option is checked. Many thanks. Perform everything in the correct order.
There are no more notifications from Symantec for the Trojan Gen 2 and ZeroAcccess files.
scanning hidden autostart entries ... Any help would be greatly appreciated. Back to top #2 caintry_boy caintry_boy The Reason For The Season Moderators 23,676 posts Gender:Male Location:Kansas Posted 02 August 2012 - 08:21 PM Hello I seem to be infected with these I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me KnowIf I Have Not Replied To One Of My Topics In
I appreciate your help!MalwarebytesMalwarebytes Anti-Malware 126.96.36.1990www.malwarebytes.orgDatabase version: v2012.07.24.02Windows Vista Service Pack 2 x64 NTFSInternet Explorer 9.0.8112.16421Nate :: NATE-PC [administrator]23-07-2012 22:54:08mbam-log-2012-07-23 (22-54-08).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry Here are the results from otmoveit: All processes killed ========== PROCESSES ========== ========== FILES ========== DllUnregisterServer procedure not found in C:\Users\Shane\AppData\Local\Temp\Low\adsldpf.dll C:\Users\Shane\AppData\Local\Temp\Low\adsldpf.dll moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users Ask a Question See Latest Posts TechSpot Forums are dedicated to computer enthusiasts and power users. http://themousedepot.com/infected-w/infected-w-imsmn-please-help.html Ask a question and give support.
Select your user account and click Next. Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. On a side note-Do I risk other peoples computers by sending them emails and documents currently? C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k
button. When done, DDS.txt will open. If Combofix reboot's due to a rootkit, the screen may stay black for several minutes on reboot, this is normal If after running Combofix you receive any type of warning message You should consider them to be compromised.
NOTE: Do NOT have HijackThis fix anything yet! Anti-Virus AV: Symantec Endpoint Protection FW: Symantec Endpoint Protection> firewall okay SP: Lavasoft Ad-Watch Live! *Disabled/Updated> antimalware okay SP: Symantec Endpoint Protection *Disabled/Updated> antimalware okay SP: Windows Defender *Disabled/Updated* > antimalware Unfortunately, with the amount of threads means the waiting time is longer, Norton continually Blocking files won't hurt your system but is is just annoying, Please wait and be patient. I Posted: 10-Sep-2012 | 8:10PM • Permalink The logs as requested.File Attachment: Extras.Txt OTL.Txt Quads Norton Fighter25 Reg: 21-Jul-2008 Posts: 16,481 Solutions: 182 Kudos: 3,388 Kudos0 Re: Infected with Trojan.Gen.2 and Trojan.ZeroAccess.
Please read these for more information:Help: I Got Hacked. Any help would be much appreciated. Sometimes one step requires the previous one. If you want to proceed on your own, please let me know.One or more of the identified infections is related to a nasty rootkit component which is difficult to remove.
© Copyright 2017 themousedepot.com. All rights reserved.