
TR/Drop.Agent.qna.2 & TR/Crypt.ZPack.Gen Trojan



#1
TwinDiddy

My virus scan showed the following viruses: TR/Drop.Agent.qna.2 & TR/Crypt.ZPack.Gen Trojan among others. The others, I'm not so sure are viruses, but I have them in quarantine anyways (Avira). So I ran the steps from G2g, and I'm still having major issues with my computer. For example, I tried to get on G2g chat, and it took about an hour for the box to load. Maybe a problem with my Java? I have no clue. The biggest issue I am having is I CAN'T FIND MY F DRIVE! HOLY crap, right :) !?! My F drive is a 500 GB hard drive that I store everything on, and my computer can't find it. PLEASE HELP ME!!!!

Thanks in advance,
TwinDiddy

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/07/19 11:41
Program Version: Version 1.3.2.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xB87FD000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79BB000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB6C24000 Size: 49152 File Visible: No Signed: -
Status: -

SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "<unknown>" at address 0xf7a9d236

#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xf7a9d22c

#: 063 Function Name: NtDeleteKey
Status: Hooked by "<unknown>" at address 0xf7a9d23b

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "<unknown>" at address 0xf7a9d245

#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xf7a9d24a

#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0xf7a9d218

#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0xf7a9d21d

#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xf7a9d254

#: 204 Function Name: NtRestoreKey
Status: Hooked by "<unknown>" at address 0xf7a9d24f

#: 247 Function Name: NtSetValueKey
Status: Hooked by "<unknown>" at address 0xf7a9d240

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0xf7a9d227

==EOF==

Edited by TwinDiddy, 19 July 2009 - 11:01 AM.
