Need help removing trojan.gen.2, trojan.gen and trojan.zeroaccess.b [S
#46
Posted 15 August 2012 - 08:28 PM
#47
Posted 16 August 2012 - 11:26 AM
The desktop.ini files are related to the customizing folder. If you have any custom icons, the desktop.ini will tell to the Windows how display him. If the desktop.ini is deleted, the customizing will disappear.
I will give instructions to you about how to hide the desktop.ini when we finish.
Please, run Farbar Service Scanner again and post the log.
#48
Posted 16 August 2012 - 10:16 PM
Ran by owner (administrator) on 17-08-2012 at 00:05:11
Running from "C:\Users\owner\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Other Services:
==============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-09 22:02] - [2012-03-30 08:39] - 0905600 ____A (Microsoft Corporation) 27D470DABC77BC60D0A3B0E4DEB6CB91
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
**** End of log ****
#49
Posted 17 August 2012 - 12:27 PM
Type services.msc and press [ENTER]
Search for the Windows Firewall service > Right-click and choose start
Repeat the instructions for the Internet Connection Sharing (ICS) service.
PS: Let me know if you received any error message
#50
Posted 19 August 2012 - 09:18 PM
#51
Posted 21 August 2012 - 11:12 AM
1. Reregister the ipnathlp.dll. To do this, follow these steps:
- Click in Start > Run and type regsvr32 ipnathlp.dll and then click OK two times.
- Restart the computer.
- Click Start, click Run, type services.msc, and then click OK
- Double-click Internet Connection Sharing.
- In the Service status area, click Start.
- If ICS does not start successfully, continue to step 3.
Reg add HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters /v ServiceDll /t REG_EXPAND_SZ /d %SystemRoot%\System32\ipnathlp.dll
4. Restart the computer
5. Try to start the ICS (Internet Connection Sharing) service again.
#52
Posted 21 August 2012 - 07:51 PM
#53
Posted 22 August 2012 - 11:13 AM
3. Click Start, click Run, type the following command, and then click OK:
Reg add HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters /v ServiceDll /t REG_EXPAND_SZ /d %SystemRoot%\System32\ipnathlp.dll
4. Restart the computer
5. Try to start the ICS (Internet Connection Sharing) service again.
#54
Posted 23 August 2012 - 09:36 PM
I did step 3 and i got the same error message as before when trying to start ICS.
#55
Posted 24 August 2012 - 04:58 PM
- Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
- Type cmd and press [ENTER]
- Next, type Net Start SharedAccess and tell me the result.
#56
Posted 26 August 2012 - 07:59 AM
System error 5 has occurred.
Access is denied.
#57
Posted 26 August 2012 - 01:56 PM
- Go to Control Panel and select System
- Select System
- On the left select System Protection and accept the warning if you get one
- Select System Protection Tab
- Select Create at the bottom
- Type in a name i.e. SharedAccess
- Select Create
NEXT:
Type regedit into the start box and when regedit.exe populates in the window above > right click it and choose "Run as an Administrator"
Registry Editor will open.
Navigate to : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess
Right click on SharedAccess, click "Permissions" then "Administrators (Your_username-PC/Administators)" then tick "Full control" in "Allow" box, click OK:
Go to Start=>Run (alternatively use Windows key+R), type cmd and click OK.
Type Net Start SharedAccess and tell me the result.
#58
Posted 26 August 2012 - 07:18 PM
System error 5 has occurred.
Access is denied.
#59
Posted 27 August 2012 - 07:27 PM
Download the Reset Registry Permissions and run the tool.
Click in start.
Restart the computer.
Go to Start=>Run (alternatively use Windows key+R), type cmd and click OK.
Type Net Start SharedAccess and tell me the result
#60
Posted 28 August 2012 - 07:52 PM
System error 5 has occurred.
Access is denied.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users