Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trojan horse Generic26.AJBX [Solved]


  • This topic is locked This topic is locked

#46
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Download RogueKiller to your desktop

  • Quit all running programs
  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  • When prompted, type 6 and validate
  • The RKreport.txt shall be generated next to the executable.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
Please post the contents of the RKreport.txt in your next Reply.

Rebuilding the Icon Cache Database

1. Close all folder windows that are currently open.
2. Launch Task Manager using the CTRL+SHIFT+ESC key sequence, or by running taskmgr.exe.
3. In the Process tab, right-click on the Explorer.exe process and select End Process.
4. Click the End process button when asked for confirmation.
5. From the File menu of Task Manager, select New Task (Run…)
6. Type CMD.EXE, and click OK
7. In the Command Prompt window, type the commands one by one and press ENTER after each command:

CD /d %userprofile%\AppData\Local
DEL IconCache.db /a
EXIT


8. In Task Manager, click File, select New Task (Run…)
9. Type EXPLORER.EXE, and click OK.
Note: %userprofile% represents the path to user profile folder

Run an elevated command prompt

Go Start > All Programs > Accessories
Right click Command Prompt and select run as Admin
In the black box type the following :

Sfc /scannow

Once it has completed reboot and let me know what problems remain
  • 0

Advertisements


#47
windoftime2

windoftime2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
RogueKiller V6.2.0 [12/12/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User: Jason [Admin rights]
Mode: Shortcuts HJfix -- Date : 12/26/2011 13:00:57

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 1 / Fail 0
Quick launch: Success 1 / Fail 0
Programs: Success 14 / Fail 0
Start menu: Success 1 / Fail 0
User folder: Success 83 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 110 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped
[E:] \Device\SCDEmu\SCDEmuCd0 -- 0x5 --> Skipped
[F:] \Device\SCDEmu\SCDEmuCd1 -- 0x5 --> Skipped
[G:] \Device\SCDEmu\SCDEmuCd2 -- 0x5 --> Skipped
[H:] \Device\SCDEmu\SCDEmuCd3 -- 0x5 --> Skipped

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[1].txt >>
RKreport[1].txt
  • 0

#48
windoftime2

windoftime2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
Also a program called acrobat X pro keeps trying to download randomly even though i already have that program...
  • 0

#49
windoftime2

windoftime2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
Windows Resource Protection did not find any integrity violations.
  • 0

#50
windoftime2

windoftime2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
When i rebooted it say Windows failed to start up then game me options to restore/repair or start windows normally

Wireless still doesn't connect automatically forgetting password to wireless.

Icons still missing now they are just setup looking icons.

Still cannot use any of those Disk cleanup defragmentor or any of those programs.

Edited by windoftime2, 26 December 2011 - 01:29 PM.

  • 0

#51
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I need to re-use combofix - ensure the old copy is deleted

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.



Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#52
windoftime2

windoftime2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
ComboFix 11-12-27.01 - Jason 12/27/2011 11:48:12.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3326.2506 [GMT -6:00]
Running from: c:\users\Jason\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-11-27 to 2011-12-27 )))))))))))))))))))))))))))))))
.
.
2011-12-27 18:01 . 2011-12-27 18:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-26 18:58 . 2011-12-26 18:59 111872 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2011-12-24 16:46 . 2011-12-17 01:20 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-24 16:46 . 2011-12-17 01:20 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2011-12-24 16:46 . 2011-12-17 01:20 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2011-12-24 16:46 . 2011-12-24 21:11 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2011-12-23 16:19 . 2011-12-27 18:01 -------- d-----w- c:\users\Jason\AppData\Local\temp
2011-12-23 16:01 . 2011-04-25 02:18 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-12-22 21:35 . 2011-12-22 21:35 -------- d-----w- C:\_OTL
2011-12-22 20:34 . 2011-12-22 20:34 -------- d-----w- c:\program files\Tweaking.com
2011-12-21 00:54 . 2011-12-22 20:35 -------- d-----w- C:\temp
2011-12-12 09:47 . 2011-12-12 09:47 -------- d-----w- c:\users\Jason\AppData\Local\Chromium
2011-12-12 09:47 . 2011-12-22 00:46 -------- d-----w- c:\users\Jason\AppData\Roaming\ArcheAge
2011-12-12 09:42 . 2011-12-22 00:44 -------- d-----w- c:\program files\ArcheAge
2011-11-28 21:32 . 2011-12-04 04:04 -------- d-----w- c:\program files\Common Files\BioWare
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-24 11:25 . 2011-07-24 07:14 140072 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-11-24 11:25 . 2011-07-24 07:15 280904 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-11-24 11:25 . 2011-07-24 07:14 280904 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-11-24 11:01 . 2011-07-24 07:14 280904 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-11-22 08:50 . 2011-07-24 07:14 138056 ----a-w- c:\users\Jason\AppData\Roaming\PnkBstrK.sys
2011-11-22 08:49 . 2011-07-24 07:14 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-11-03 09:23 . 2011-11-03 09:23 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-11-03 09:23 . 2011-11-03 09:23 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-10-29 03:02 . 2011-06-28 00:18 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-22 11:21 . 2011-10-22 11:21 65536 ----a-w- c:\windows\system32\frapsvid.dll
2011-10-15 08:53 . 2011-10-29 06:19 919872 ----a-w- c:\windows\system32\nvdispco32.dll
2011-10-15 08:53 . 2011-10-29 06:19 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2011-10-15 08:53 . 2011-10-29 06:19 61248 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-15 08:53 . 2011-10-29 06:19 5578560 ----a-w- c:\windows\system32\nvcuda.dll
2011-10-15 08:53 . 2011-10-29 06:19 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
2011-10-15 08:53 . 2011-10-29 06:19 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-10-15 08:53 . 2011-10-29 06:19 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
2011-10-15 08:53 . 2011-10-29 06:19 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
2011-10-15 08:53 . 2011-10-29 06:19 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-10-15 08:53 . 2011-10-29 06:19 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-10-15 08:53 . 2011-05-26 18:43 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-10-15 08:53 . 2011-05-26 18:43 2458432 ----a-w- c:\windows\system32\nvapi.dll
2011-10-15 08:53 . 2011-04-08 03:45 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-10-15 08:53 . 2011-04-08 03:45 203072 ----a-w- c:\windows\system32\nvmctray.dll
2011-10-15 08:53 . 2011-04-08 03:45 1136448 ----a-w- c:\windows\system32\nvvsvc.exe
2011-10-15 08:53 . 2011-04-08 03:44 6350144 ----a-w- c:\windows\system32\nvcpl.dll
2011-10-15 08:53 . 2011-04-08 03:44 3840320 ----a-w- c:\windows\system32\nvsvc.dll
2011-10-15 08:53 . 2010-03-23 23:25 123712 ----a-w- c:\windows\system32\nvshext.dll
2011-10-15 05:54 . 2011-10-15 05:54 321856 ----a-w- c:\windows\system32\nvStreaming.exe
2011-10-07 11:23 . 2011-10-07 11:23 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2011-10-04 11:21 . 2011-10-04 11:21 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
2011-12-24 21:11 . 2011-05-26 18:33 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-23_16.37.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-24 03:16 . 2011-12-27 17:40 33786 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 04:55 . 2011-12-23 16:05 38622 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2011-12-27 17:40 38622 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-05-24 00:41 . 2011-12-27 17:40 13464 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2096996257-4211928804-478179605-1000_UserData.bin
- 2011-12-23 16:03 . 2011-12-23 16:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-12-27 17:37 . 2011-12-27 17:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-23 16:03 . 2011-12-23 16:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-12-27 17:37 . 2011-12-27 17:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:05 . 2011-12-23 16:10 660022 c:\windows\System32\perfh009.dat
+ 2009-07-14 02:05 . 2011-12-27 17:42 660022 c:\windows\System32\perfh009.dat
+ 2009-07-14 02:05 . 2011-12-27 17:42 120950 c:\windows\System32\perfc009.dat
- 2009-07-14 02:05 . 2011-12-23 16:10 120950 c:\windows\System32\perfc009.dat
+ 2009-07-14 04:34 . 2011-12-24 21:23 108112 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 04:47 . 2011-12-23 16:02 395588 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 04:47 . 2011-12-27 06:58 395588 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 02:03 . 2011-12-23 18:34 7340032 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:03 . 2011-12-25 18:16 7340032 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2011-05-26 18:48 . 2011-12-27 06:58 8671390 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2096996257-4211928804-478179605-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam\steam.exe" [2011-09-25 1242448]
"Akamai NetSession Interface"="c:\users\Jason\AppData\Local\Akamai\netsession_win.exe" [2011-12-13 3305760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe" [2007-09-11 67488]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"RaidCall"="c:\program files\raidcall\raidcall.exe" [2011-08-05 2043904]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 17:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-01-07 18:12 253672 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-09-01 685816]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-05-25 139368]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-01-07 583680]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-24 1343400]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
R3 XDva385;XDva385;c:\windows\system32\XDva385.sys [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2011-10-14 745832]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
S3 RTL8187B;Belkin Wireless G USB Network Adapter;c:\windows\system32\DRIVERS\rtl8187B.sys [2009-11-05 376832]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\v6mpz0xy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_b427739.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2096996257-4211928804-478179605-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:76,ad,7f,1f,14,3a,86,82,85,53,0d,f9,9d,e3,b3,55,87,51,e5,05,58,0f,41,
a3,03,ee,bc,cf,a8,c6,dc,1c,4b,71,e4,4c,45,80,5c,80,d3,b1,06,01,69,7d,78,6f,\
"??"=hex:69,6f,5c,46,6a,89,f9,ee,2d,48,e0,10,87,42,1e,12
.
[HKEY_USERS\S-1-5-21-2096996257-4211928804-478179605-1000\Software\SecuROM\License information*]
"datasecu"=hex:ca,ac,83,39,72,1f,b1,5e,44,eb,c4,34,80,d2,9a,e1,bd,41,0f,d0,63,
ad,8b,63,ac,9a,99,f7,d0,2b,79,cb,e9,4c,d7,1e,4e,bc,f4,89,42,b2,9b,9b,cf,99,\
"rkeysecu"=hex:82,3e,c6,2a,7a,c3,27,6c,bb,25,d7,23,89,24,e0,3a
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-12-27 12:03:14
ComboFix-quarantined-files.txt 2011-12-27 18:03
ComboFix2.txt 2011-12-23 16:41
.
Pre-Run: 57,285,824,512 bytes free
Post-Run: 57,222,041,600 bytes free
.
- - End Of File - - E43005EE28C31CC014FC3CC4D0C62A2F
  • 0

#53
windoftime2

windoftime2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
I have not gone anywhere on the internet except here so i couldn't have gotten a virus again.

Also i got a program called Acrobat pro X that tries to install sometimes when i click a program icon.
  • 0

#54
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yep there is no malware remaining, but I needed to confirm that

OK with regards to acrobat could you ensure that the autoupdate is turned off

Are the icons still at default
  • 0

#55
windoftime2

windoftime2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
The icons look like setup icons for 5 programs.

Adobe Acrobat X Pro - English, Francais, Deutsch (10.0.3)

The file 'F:\programs\microsoft office\Adobe Acrobat X (10.0.3) Pro\SOFTWARE\' is not a valid installation package for the product Adobe Acrobat X Pro - English, Francais, Deutsch. Try to find installation package 'AcroPro.msi' in a folder from which you can install Adobe Acrobat X Pro - English, Francais, Deutsch.
  • 0

Advertisements


#56
windoftime2

windoftime2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
It tell me i don't have access to any of my program folders.

Also none of the accessories files work paint doesn't even work.
  • 0

#57
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you update Windows Repair (All-in-one)


and then run the following options


  • 0

#58
windoftime2

windoftime2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
I'm just restoring to factory settings. You can close the forum now, thanks for all your help i learned a lot of stuff. Sorry to have taken up some of your time.
  • 0

#59
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not a problem. The aim here is to ensure you are happy

Enjoy :thumbsup:
  • 0

#60
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP