Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Trojan Horse: ZeroAccess-FAT!CBB5F2DB64C0

Post by lopkath » November 6th, 2013, 10:39 pm

Hi,

I have a trojan horse named ZeroAccess-FAT!CBB5F2DB64C0. I have a McAfee antivirus but unfortunately it can't quarantine/delete the virus.
I can't open any files downloaded from the internet. And I can't manually delete the folders GAC_32 and GAC_64.
Hope you can help.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by Katherine at 13:26:13 on 2013-11-07
Microsoft Windows 8 6.2.9200.0.1252.61.1033.18.6030.2252 [GMT 11:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Outdated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\igfxpers.exe
C:\Windows\system32\DptfParticipantProcessorService.exe
C:\Windows\system32\DptfPolicyConfigTDPService.exe
C:\Windows\system32\DptfPolicyLpmService.exe
C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\SysWOW64\irstrtsv.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
C:\windows\system32\mfevtps.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\StikyNot.exe
C:\Users\Katherine\AppData\Local\DownBook\DownBook.exe
C:\Users\Katherine\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
C:\Program Files\mcafee\VirusScan\mcods.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\Katherine\Downloads\avast_free_antivirus_setup.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\KATHER~1\AppData\Local\Temp\_av_iup.tm~a06612\instup.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://asus13.msn.com
mStart Page = hxxp://mysearch.sweetpacks.com/?src=10& ... 5041943672
mWinlogon: Userinit = userinit.exe
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [DownBook] "C:\Users\Katherine\AppData\Local\DownBook\DownBook.exe" 30f1cf9e8f9a2f6dd2ae7f4257b5833e 12
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [ATLauncher] "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createshortcuts:1
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
mRun: [ATUninstallIcon] "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createuninstallentry:1
StartupFolder: C:\Users\KATHER~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Katherine\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\KATHER~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
LSP: mswsock.dll
TCP: Interfaces\{02301432-869D-440A-A385-281750F8CA8F} : NameServer = 10.143.147.147 10.143.147.148
TCP: Interfaces\{166A1CDC-B9B7-49D6-8FFE-0AAC41BEA327} : DHCPNameServer = 149.171.96.2 149.171.192.2
TCP: Interfaces\{166A1CDC-B9B7-49D6-8FFE-0AAC41BEA327}\14E64627F696461405 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{166A1CDC-B9B7-49D6-8FFE-0AAC41BEA327}\35471627265736B637F575966496 : DHCPNameServer = 172.16.0.254
TCP: Interfaces\{166A1CDC-B9B7-49D6-8FFE-0AAC41BEA327}\D4368657 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{166A1CDC-B9B7-49D6-8FFE-0AAC41BEA327}\F4242786F6465637 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{166A1CDC-B9B7-49D6-8FFE-0AAC41BEA327}\F56427565635B697649696F5 : DHCPNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{3C511EB4-B5FF-4D99-8368-A4329A7A5926} : NameServer = 10.143.147.147 10.143.147.148
TCP: Interfaces\{464DAABD-162C-44DA-BBF0-E2EB91080E53} : DHCPNameServer = 40.53.1.201 40.53.1.203
TCP: Interfaces\{5DEF39E3-C78D-44B8-A60D-5FFD4F79C10C} : NameServer = 10.143.147.147 10.143.147.148
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs=
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [DptfPolicyLpmServiceHelper] C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 excsd;ExpressCache Storage Filter Driver;C:\Windows\System32\Drivers\excsd.sys [2013-5-8 95024]
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-6 645952]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\Drivers\mfehidk.sys [2012-6-23 781312]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\Drivers\mfewfpk.sys [2012-6-23 343568]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-8 17536]
R1 excfs;ExpressCache File System Filter Driver;C:\Windows\System32\Drivers\excfs.sys [2013-5-8 23344]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-4-14 277120]
R2 DptfParticipantProcessorService;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application;C:\Windows\System32\DptfParticipantProcessorService.exe [2013-3-21 31632]
R2 DptfPolicyConfigTDPService;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application;C:\Windows\System32\DptfPolicyConfigTDPService.exe [2013-3-21 33168]
R2 DptfPolicyLpmService;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application;C:\Windows\System32\DptfPolicyLpmService.exe [2013-3-21 39824]
R2 ExpressCache;ExpressCache;C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2012-3-31 79664]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-5-8 328928]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-21 635104]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-5-8 129856]
R2 irstrtsv;Intel(R) Rapid Start Technology Service;C:\Windows\SysWOW64\irstrtsv.exe [2013-5-8 193576]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-5-8 166720]
R2 McAPExe;McAfee AP Service;C:\Program Files\mcafee\msc\McAPExe.exe [2013-9-14 178048]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-5-8 328928]
R2 McOobeSv2;McAfee OOBE Service2;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-5-8 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-5-8 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-5-8 328928]
R2 McSchedulerSvc;McAfee PC Task Scheduler Service;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-5-8 328928]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe [2013-9-14 1017016]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-11-28 219272]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-11-28 182752]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-7-28 1900728]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-5-8 365376]
R2 VmbService;Vodafone Mobile Broadband Service;C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-2-15 9216]
R2 WakeupService;ASUS Wake Service;C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [2012-12-20 45488]
R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\Drivers\AiCharger.sys [2012-7-25 17152]
R3 ATP;ASUS Input Device;C:\Windows\System32\Drivers\AsusTP.sys [2013-2-7 65784]
R3 DptfDevDram;DptfDevDram;C:\Windows\System32\Drivers\DptfDevDram.sys [2013-3-21 107920]
R3 DptfDevFan;DptfDevFan;C:\Windows\System32\Drivers\DptfDevFan.sys [2013-3-21 43408]
R3 DptfDevGen;DptfDevGen;C:\Windows\System32\Drivers\DptfDevGen.sys [2013-3-21 65424]
R3 DptfDevPch;DptfDevPch;C:\Windows\System32\Drivers\DptfDevPch.sys [2013-3-21 97680]
R3 DptfDevProc;DptfDevProc;C:\Windows\System32\Drivers\DptfDevProc.sys [2013-3-21 229776]
R3 DptfManager;DptfManager;C:\Windows\System32\Drivers\DptfManager.sys [2013-3-21 363920]
R3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\Drivers\ew_usbenumfilter.sys [2013-7-27 13952]
R3 HIDSwitch;ASUS Wireless Radio Control;C:\Windows\System32\Drivers\AsHIDSwitch64.sys [2013-3-21 21152]
R3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\Drivers\ew_jucdcacm.sys [2013-7-27 94208]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\Drivers\ew_jubusenum.sys [2013-7-28 85504]
R3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\Drivers\ew_juextctrl.sys [2013-7-27 28672]
R3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\Drivers\ew_juwwanecm.sys [2013-7-27 196096]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2013-3-21 342528]
R3 irstrtdv;Intel(R) Rapid Start Technology Driver;C:\Windows\System32\Drivers\irstrtdv.sys [2013-5-8 43800]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\Drivers\L1C63x64.sys [2013-3-21 110744]
R3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [2013-9-20 334608]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\Drivers\mfeavfk.sys [2012-6-23 310224]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\Drivers\mfefirek.sys [2012-6-23 519192]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\Drivers\mfencbdc.sys [2013-9-20 390552]
RUnknown xlxuuhhy;xlxuuhhy; [x]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\Windows\System32\Drivers\mfeelamk.sys [2012-6-19 69264]
S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-5-8 328928]
S2 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2013-8-2 201304]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\Drivers\AmUStor.sys [2012-10-4 95232]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\Drivers\cfwids.sys [2012-6-23 70112]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-8-20 103576]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\Drivers\ew_hwusbdev.sys [2013-7-27 117248]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\Drivers\HipShieldK.sys [2013-11-7 197704]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\Drivers\mfencrk.sys [2013-9-20 95984]
S3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-6-3 589824]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2013-8-20 204568]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
.
=============== Created Last 30 ================
.
2013-11-07 02:26:02 -------- d-----w- C:\ProgramData\AVAST Software
2013-11-07 01:29:55 -------- d-----w- C:\Users\Katherine\AppData\Local\Recovery Toolbox for Word
2013-11-07 01:29:43 -------- d-----w- C:\Program Files (x86)\Recovery Toolbox for Word
2013-11-07 00:05:48 197704 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2013-11-06 22:48:51 -------- d-----w- C:\Users\Katherine\AppData\Local\WideSearch
2013-11-06 22:48:14 -------- d-----w- C:\Users\Katherine\AppData\Local\DownBook
2013-10-23 01:21:29 315568 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10222.bin
2013-10-16 05:39:41 -------- d-----w- C:\Users\Katherine\AppData\Local\Microsoft Help
2013-10-16 04:05:26 2678760 ----a-w- C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SkywalkerSetup[1].exe
2013-10-16 04:03:56 3519136 ----a-w- C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSSetup[1].exe
2013-10-15 07:05:07 566784 ----a-w- C:\Windows\System32\wvc.dll
2013-10-15 07:05:07 1374208 ----a-w- C:\Windows\System32\wdc.dll
2013-10-15 07:05:06 462336 ----a-w- C:\Windows\System32\sysmon.ocx
2013-10-15 07:05:06 399360 ----a-w- C:\Windows\SysWow64\sysmon.ocx
2013-10-15 07:05:06 1245696 ----a-w- C:\Windows\SysWow64\wdc.dll
2013-10-15 07:05:05 437248 ----a-w- C:\Windows\SysWow64\wvc.dll
2013-10-15 07:04:04 290992 ----a-w- C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Microsoft\Windows\Sqm\Manifest\Sqm10221.bin
2013-10-11 07:35:18 -------- d-----w- C:\Program Files (x86)\qualitink
2013-10-11 07:34:41 -------- d-----w- C:\Program Files (x86)\TornTV.com
2013-10-10 07:19:04 652288 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-10 07:19:02 541696 ----a-w- C:\Windows\SysWow64\comctl32.dll
2013-10-10 07:17:58 108032 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
2013-10-10 07:17:24 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-10-10 07:17:23 54488 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-10-10 07:17:22 210560 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
2013-10-10 07:17:21 99328 ----a-w- C:\Windows\System32\drivers\usbcir.sys
2013-10-10 07:17:18 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-10-10 07:17:17 32768 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2013-10-10 07:17:17 25600 ----a-w- C:\Windows\System32\drivers\usbprint.sys
2013-10-10 07:16:55 4040192 ----a-w- C:\Windows\System32\win32k.sys
2013-10-10 07:16:51 362496 ----a-w- C:\Windows\System32\atmfd.dll
2013-10-10 07:16:51 300032 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-10-10 07:16:50 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-10-10 07:16:50 35328 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-10-10 07:16:41 623448 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-10-10 07:16:41 498008 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-10-10 07:16:40 79192 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-10-10 07:16:40 21848 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-10-10 07:16:39 32256 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-10-10 07:16:39 120832 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-10-10 07:15:58 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 07:15:57 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 04:12:05 337752 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS
2013-10-09 04:12:03 447320 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS
2013-10-09 04:12:02 213336 ----a-w- C:\Windows\System32\drivers\UCX01000.SYS
.
==================== Find3M ====================
.
2013-11-07 01:09:33 62 ----a-w- C:\Users\Katherine\AppData\Roaming\sp_data.sys
2013-10-02 01:38:13 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-02 01:38:13 694232 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-24 09:29:46 70112 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2013-09-24 09:25:40 343568 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2013-09-24 09:25:24 182752 ----a-w- C:\Windows\System32\mfevtps.exe
2013-09-24 09:22:48 781312 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2013-09-24 09:21:32 519192 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2013-09-24 09:20:28 310224 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2013-09-24 09:19:56 179664 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2013-09-24 09:03:12 69264 ----a-w- C:\Windows\System32\drivers\mfeelamk.sys
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-19 22:38:30 10856 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
2013-09-19 22:38:14 95984 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
2013-09-19 22:37:56 390552 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
2013-08-19 21:02:12 204568 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2013-08-19 21:02:12 103576 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2013-08-16 05:41:13 58200 ----a-w- C:\Windows\System32\drivers\dam.sys
2013-08-16 05:39:26 2371728 ----a-w- C:\Windows\System32\WSService.dll
2013-08-16 05:32:48 209200 ----a-w- C:\Windows\System32\NotificationUI.exe
2013-08-16 05:22:22 40448 ----a-w- C:\Windows\System32\wuapp.exe
2013-08-16 05:22:11 4917760 ----a-w- C:\Windows\System32\sppsvc.exe
2013-08-16 05:20:30 105984 ----a-w- C:\Windows\System32\WinSetupUI.dll
2013-08-15 22:43:21 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2013-08-15 22:43:07 84992 ----a-w- C:\Windows\SysWow64\wudriver.dll
2013-08-15 22:43:07 126976 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2013-08-15 22:43:03 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
2013-08-15 22:43:03 159232 ----a-w- C:\Windows\SysWow64\WSSync.dll
2013-08-15 22:43:02 83968 ----a-w- C:\Windows\SysWow64\OEMLicense.dll
2013-08-15 22:43:02 167424 ----a-w- C:\Windows\SysWow64\WSClient.dll
2013-08-15 22:43:02 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-15 22:43:02 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-15 22:42:52 76800 ----a-w- C:\Windows\SysWow64\setupcln.dll
2013-08-15 22:42:47 91648 ----a-w- C:\Windows\SysWow64\sppc.dll
2013-08-10 05:21:51 448512 ----a-w- C:\Windows\System32\SettingSync.dll
2013-08-10 05:21:51 128512 ----a-w- C:\Windows\System32\SettingSyncInfo.dll
2013-08-10 03:58:51 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll
.
============= FINISH: 13:27:00.94 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume1
Install Date: 28/07/2013 10:23:41 AM
System Uptime: 7/11/2013 12:09:12 PM (1 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | S400CA
Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz | SOCKET 0 | 1801/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 119 GiB total, 67.619 GiB free.
D: is FIXED (NTFS) - 158 GiB total, 157.147 GiB free.
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP19: 31/10/2013 8:58:08 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
ASUS VivoBook
???
????
7-Zip 9.21
Adobe Reader XI (11.0.05)
Alcor Micro USB Card Reader
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUS Instant Connect
ASUS InstantOn
ASUS LifeFrame3
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS S Series Product Demo
ASUS Screen Saver
ASUS Smart Gesture
ASUS Splendid Video Enhancement Technology
ASUS Tutor
ASUS USB Charger Plus
ASUS WebStorage Sync Agent
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
ATK Package
µTorrent
Bonjour
D3DX10
Dropbox
ExpressCache
Galerie de photos
Galería de fotos
Google Chrome
Google Update Helper
Intel(R) Dynamic Platform and Thermal Framework
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Start Technology
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client
iTunes
McAfee Internet Security
Microsoft Application Error Reporting
Microsoft Office Home and Student 2013 - en-us
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
MyBitCast 2.0
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Photo Common
Photo Gallery
Qualcomm Atheros Client Installation Program
Realtek High Definition Audio Driver
Shared C Run-time for x64
VLC media player 2.0.8
Vodafone Mobile Broadband Lite
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170)
Windows Live
Windows Live ???
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinFlash
.
==== Event Viewer Messages From Past Week ========
.
7/11/2013 12:13:57 PM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends on the following service: MpsSvc. This service might not be installed.
7/11/2013 12:09:30 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
7/11/2013 12:09:30 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends on the following service: BFE. This service might not be installed.
7/11/2013 11:00:11 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Proxy Service service to connect.
7/11/2013 11:00:11 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Anti-Spam Service service to connect.
7/11/2013 11:00:11 AM, Error: Service Control Manager [7000] - The McAfee Proxy Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/11/2013 11:00:11 AM, Error: Service Control Manager [7000] - The McAfee Anti-Spam Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/11/2013 11:00:10 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Home Network service to connect.
7/11/2013 11:00:10 AM, Error: Service Control Manager [7000] - The McAfee Home Network service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
31/10/2013 8:23:40 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} and APPID {9E175B9C-F52A-11D8-B9A5-505054503030} to the user LOPEZ\Katherine SID (S-1-5-21-2310037115-3381023296-2682055896-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-2018720820-1077591348-3698767391-2145051470-4102677174-3785159066-2937586664). This security permission can be modified using the Component Services administrative tool.
31/10/2013 10:24:01 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
1/11/2013 7:43:45 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} and APPID {9E175B9C-F52A-11D8-B9A5-505054503030} to the user LOPEZ\Katherine SID (S-1-5-21-2310037115-3381023296-2682055896-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-3040112142-2727299969-3530923263-3330994594-2104503220-630244759-1647566914). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
lopkath
Active Member
 
Posts: 5
Joined: November 6th, 2013, 10:25 pm

Re: Trojan Horse: ZeroAccess-FAT!CBB5F2DB64C0

Unread postby Gary R » November 7th, 2013, 2:33 am

Looking over your logs, back soon.
Gary R
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Trojan Horse: ZeroAccess-FAT!CBB5F2DB64C0

Unread postby Gary R » November 7th, 2013, 2:37 am

Your logs do indeed show signs of Zero Access on your computer. Zero Access is a Remote Access Infection.

LSP: mswsock.dll


These indicate you are infected with ....



Please take time to carefully read all THIS topic, then let me know how you want to proceed.
Gary R
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Trojan Horse: ZeroAccess-FAT!CBB5F2DB64C0

Unread postby lopkath » November 7th, 2013, 4:46 am

Hi Gary,

Can you please walk me through repaving my computer? I am using a clean laptop right now.
Appreciate it if you would help.
lopkath
Active Member
 
Posts: 5
Joined: November 6th, 2013, 10:25 pm

Re: Trojan Horse: ZeroAccess-FAT!CBB5F2DB64C0

Unread postby lopkath » November 7th, 2013, 4:47 am

And can you tell if my computer is already hacked?
lopkath
Active Member
 
Posts: 5
Joined: November 6th, 2013, 10:25 pm

Re: Trojan Horse: ZeroAccess-FAT!CBB5F2DB64C0

Unread postby Gary R » November 7th, 2013, 5:55 am

There's no way to check for all the modifications that may have been made, so we can't tell what "hacks" may be present on your machine; all we can do is scan for the "usual" modifications that this infection usually makes. That's why we recommend a repave with this infection.

Some may think this is overkill, and many sites will clean the infection without giving people a full picture of all the risks a Remote Access Infection poses, but personally I like to give people as much information as we have, so that they can make an informed decision.

As far as a repave is concerned, if you tell me the make and model of your computer, I'll probably be able to provide you with instructions specific to your machine.
Gary R
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Trojan Horse: ZeroAccess-FAT!CBB5F2DB64C0

Unread postby lopkath » November 7th, 2013, 7:17 am

Understood. Here's the model:

Model: ASUS Notebook Series
Manufacturer: ASUSTek Computer Inc.
System: 64-Bit Operating System, x64-based processor
Processor: Intel(R) Core (TM) i3-3217U CPU @ 1.80GHz

Are these details enough?
lopkath
Active Member
 
Posts: 5
Joined: November 6th, 2013, 10:25 pm

Re: Trojan Horse: ZeroAccess-FAT!CBB5F2DB64C0

Unread postby Gary R » November 7th, 2013, 8:44 am

OK, before you "recover" (repave) your machine, you'll want to back up (copy) your personal files and folders to an external device (like a USB drive). Non-executable files like word processor files, spreadsheets, pictures, videos, music and such are usually safe to keep.

If you don't do this, you'll lose all those files when you repave.

Don't forget to back up your bookmarks/favourites from your browser, and your address book from your e-mail client. Lots of people do forget, and it's a real nuisance to them afterwards.

Once you've successfully backed up your personal stuff ....

This is what I could find for Asus notebooks ....

To repave, Asus computers have a Recovery Partition which contains a copy of the Operating System (Windows) as it was when it came from the factory. Recovering to this will re-format your hard drive (which will remove all existing files from it) and then re-install Windows (plus any other programs that came with the machine from the factory) from the recovery partition.

To access the recovery partition (F9 Recovery) ...

1. Shut down your computer.

2. Restart it, and press F9 during the bootup (when the Asus logo appears) ..... if it doesn't bring up the recovery menu, shut down and try again.

3. Select the language you use and click to continue.

4. Click Recovery in the Recovery System dialog box to start the system recovery.

5. The system starts system recovery automatically so just follow the onscreen instructions to complete the recovery process.
Gary R
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
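
The backup step in the post above, sketched as an added example that is not part of the original thread: copy only allowlisted document and media types, and also skip any file whose first bytes mark it as an executable even though its extension looks harmless. The extension allowlist, the magic-byte list and the sample file names are assumptions made for illustration.

```python
import shutil
import tempfile
from pathlib import Path

# Assumed allowlist of document/media extensions (not taken from the thread).
SAFE_EXT = {".doc", ".docx", ".xls", ".xlsx", ".pdf", ".txt", ".jpg", ".png", ".mp3", ".mp4"}
# Leading bytes of formats that can run code: Windows PE ("MZ"), ELF, shell scripts.
EXEC_MAGIC = (b"MZ", b"\x7fELF", b"#!")

def classify(path: Path) -> str:
    """Return 'copy', 'skip-extension' or 'skip-executable-content'."""
    if path.suffix.lower() not in SAFE_EXT:
        return "skip-extension"
    with path.open("rb") as fh:
        head = fh.read(4)
    if head.startswith(EXEC_MAGIC):
        return "skip-executable-content"
    return "copy"

def backup(src: Path, dst: Path) -> dict:
    """Copy allowlisted files from src to dst, keeping the layout; report every decision."""
    report = {}
    for path in sorted(p for p in src.rglob("*") if p.is_file() and not p.is_symlink()):
        rel = path.relative_to(src)
        verdict = classify(path)
        report[rel.as_posix()] = verdict
        if verdict == "copy":
            target = dst / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(path, target)
    return report

def demo() -> dict:
    """Run the backup over a constructed sample tree in a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "Documents"), Path(tmp, "usb")
        (src / "photos").mkdir(parents=True)
        (src / "budget.xlsx").write_bytes(b"PK\x03\x04 constructed sample")
        (src / "photos" / "trip.jpg").write_bytes(b"\xff\xd8\xff\xe0 constructed sample")
        (src / "setup.exe").write_bytes(b"MZ constructed sample")
        (src / "invoice.pdf").write_bytes(b"MZ\x90\x00 renamed binary, constructed")
        report = backup(src, dst)
        report["_copied"] = sorted(p.relative_to(dst).as_posix() for p in dst.rglob("*") if p.is_file())
        return report

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(name, "->", verdict)
```

The magic-byte check does not catch macros in older Office formats such as .doc and .xls, so scan the backup with an up-to-date scanner on the clean machine before opening anything from it.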

Re: Trojan Horse: ZeroAccess-FAT!CBB5F2DB64C0

Unread postby lopkath » November 7th, 2013, 9:30 am

Thanks Gary, I will follow these instructions. I really appreciate your help! :)
lopkath
Active Member
 
Posts: 5
Joined: November 6th, 2013, 10:25 pm

Re: Trojan Horse: ZeroAccess-FAT!CBB5F2DB64C0

Unread postby Gary R » November 7th, 2013, 11:07 am

You're welcome. :)

I'll leave this topic open for a couple of days. If you have any problems, get back to me, and I'll help if I can, or if not I'll direct you to somewhere that can.
Gary R
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire