Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

trojan/viruses need to remove/ log here


  • Please log in to reply

#1
flyingdumbbells

flyingdumbbells

    Member

  • Member
  • PipPip
  • 10 posts
Hi, I was having problems with abnow.com virus and seemed like a lot of other Trojans/virus's came with it too. After using Spy Emergency and tdsskiller I think I got rid of most of them, including abnow.com

Unfortunately I think just one problem remains as I have scanned with aswMBR version 0.9.9.1665 2011 AVAST SOFTWARE and it came up with the log that I have attached here, indicating an infection.

How do I remove this one?

Need some help here, thanks!

Attached File  aswMBR log.txt   2.24KB   28 downloads
  • 0

Advertisements


#2
flyingdumbbells

flyingdumbbells

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-21 13:34:58
-----------------------------
13:34:58.707 OS Version: Windows 6.1.7601 Service Pack 1
13:34:58.707 Number of processors: 2 586 0x1706
13:34:58.708 ComputerName: PHILLIP-PC UserName: Phillip
13:34:59.947 Initialize success
13:35:05.075 AVAST engine defs: 12032000
13:35:07.043 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:35:07.045 Disk 0 Vendor: TOSHIBA_MK5075GSX GT001U Size: 476940MB BusType: 11
13:35:07.061 Disk 0 MBR read successfully
13:35:07.063 Disk 0 MBR scan
13:35:07.068 Disk 0 Windows 7 default MBR code
13:35:07.080 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
13:35:07.089 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 274899 MB offset 206848
13:35:07.115 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 201938 MB offset 563200000
13:35:07.121 Disk 0 scanning sectors +976769024
13:35:07.174 Disk 0 scanning C:\Windows\system32\drivers
13:35:17.995 Service scanning
13:36:08.791 Modules scanning
13:36:25.044 Disk 0 trace - called modules:
13:36:25.401 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll ACPI.sys ataport.SYS PCIIDEX.SYS msahci.sys intelppm.sys ndis.sys NETw5s32.sys
13:36:25.415 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x865bb030]
13:36:25.425 3 CLASSPNP.SYS[8b5d159e] -> nt!IofCallDriver -> [0x865ba550]
13:36:25.433 5 hpdskflt.sys[8b7aff92] -> nt!IofCallDriver -> [0x8650d918]
13:36:25.440 7 ACPI.sys[8b2893d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x86094908]
13:36:26.421 AVAST engine scan C:\Windows
13:36:29.318 AVAST engine scan C:\Windows\system32
13:38:32.521 File: C:\Windows\assembly\GAC_MSIL\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
13:39:18.202 AVAST engine scan C:\Windows\system32\drivers
13:39:32.326 AVAST engine scan C:\Users\Phillip
13:40:53.211 AVAST engine scan C:\ProgramData
13:41:24.291 Scan finished successfully
13:42:01.170 Disk 0 MBR has been saved successfully to "C:\Users\Phillip\Downloads\MBR.dat"
13:42:01.185 The log file has been saved successfully to "C:\Users\Phillip\Downloads\aswMBR log.txt"


This is the LOG FILE
  • 0

#3
flyingdumbbells

flyingdumbbells

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
anyone????????????? :help:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP