Hitman Pro found items all logs attached

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by sssteve72, Sep 1, 2012.

  1. sssteve72

    sssteve72 Private E-2

    Are there any problems in these logs? Hitman Pro found some items and I ignored as noted.

    There were two things on the Hitman logs 'pnkbstr' which are just an old anti cheat system from a Call of Duty game I used to have.

    I did have a warning on my Avira a couple weeks back and everything seemed fine but I had time today so I ran these now just to be sure, the comp seems to be running fine.
     

    Attached Files:

  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    These items may have already been removed, but let's be sure:

    Rescan with HitmanPro.
    Choose to Delete these files if they are detected:


    • C:\Documents and Settings\Steve Weichel\Local Settings\Application Data\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}\@ (ZeroAccess)
      C:\Documents and Settings\Steve Weichel\Local Settings\Application Data\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}\L\ (ZeroAccess)
      C:\Documents and Settings\Steve Weichel\Local Settings\Application Data\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}\U\ (ZeroAccess)
      C:\WINDOWS\Installer\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}\@ (ZeroAccess)
      C:\WINDOWS\Installer\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}\L\ (ZeroAccess)
      C:\WINDOWS\Installer\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}\U\ (ZeroAccess)

    Ignore all other detections.
    Afterwards, click the Next button.
    HitmanPro may want to reboot the PC in order for the changes to take effect, please do so.

    Now Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
    When it opens, press the Scan button
    Now click the Files/folders tab and locate these detections:


    • [ZeroAccess][FILE] @ : C:\WINDOWS\Installer\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}\@ --> FOUND
      [ZeroAccess][FOLDER] U : C:\WINDOWS\Installer\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}\U --> FOUND
      [ZeroAccess][FOLDER] L : C:\WINDOWS\Installer\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}\L --> FOUND
      [ZeroAccess][FILE] @ : C:\Documents and Settings\Steve Weichel\Local Settings\Application Data\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}\@ --> FOUND
      [ZeroAccess][FOLDER] U : C:\Documents and Settings\Steve Weichel\Local Settings\Application Data\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}\U --> FOUND
      [ZeroAccess][FOLDER] L : C:\Documents and Settings\Steve Weichel\Local Settings\Application Data\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}\L --> FOUND

    Place a checkmark next to each of these items, leave the others unchecked.
    Now press the Delete button.
    When it is finished, there will be a log on your desktop called: RKreport[2].txt
    Attach RKreport[2].txt to your next message. (How to attach)
    Do not reboot your computer yet.

    Now use Windows Explorer to find and delete:
    C:\Documents and Settings\Steve Weichel\Local Settings\temp\12.tmp

    Now reboot and re-run RogueKiller and attach the new log.

    Then run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:

    * C:\MGlogs.zip

    Make sure you tell me how things are working now!
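
Added example, not part of the original thread or of either tool: a short Python check that reads RogueKiller detection lines in the shape quoted above and reports which of the HitmanPro target paths a report still lists as FOUND. The two sample reports are constructed from the paths in this post, the function names are hypothetical, and any status other than FOUND is treated as "no longer present", which is an assumption.

```python
import re

# Line shape copied from the RogueKiller detections quoted in the post:
#   [ZeroAccess][FILE] @ : C:\...\@ --> FOUND
LINE_RE = re.compile(
    r"^\s*\[(?P<family>[^\]]+)\]\[(?P<kind>FILE|FOLDER)\]\s+(?P<name>\S+)\s+:\s+"
    r"(?P<path>.+?)\s+-->\s+(?P<status>.+?)\s*$"
)

INST = r"C:\WINDOWS\Installer\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}"
APPD = (r"C:\Documents and Settings\Steve Weichel\Local Settings"
        r"\Application Data\{7152c7c7-874d-f83e-a1ea-10031ca0ff2e}")

# HitmanPro lists folders with a trailing backslash; RogueKiller does not.
TARGETS = [INST + "\\@", INST + "\\L\\", APPD + "\\U\\"]

# Constructed sample reports (not real tool output).
SAMPLE_BEFORE = (
    f"[ZeroAccess][FILE] @ : {INST}\\@ --> FOUND\n"
    f"[ZeroAccess][FOLDER] L : {INST}\\L --> FOUND\n"
    f"[ZeroAccess][FOLDER] U : {APPD}\\U --> FOUND\n"
)
SAMPLE_AFTER = f"• [ZeroAccess][FOLDER] U : {APPD}\\U --> FOUND\n"

def norm(path):
    """Windows paths are case-insensitive; also drop trailing backslashes."""
    return path.strip().rstrip("\\").lower()

def parse_report(text):
    """Return {normalized path: (family, kind, status)} for each detection line."""
    hits = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.lstrip("• "))  # tolerate a pasted list bullet
        if m:
            hits[norm(m["path"])] = (m["family"], m["kind"], m["status"])
    return hits

def remaining(targets, report_text):
    """Targets that the report still lists with status FOUND."""
    hits = parse_report(report_text)
    return [t for t in targets if hits.get(norm(t), ("", "", ""))[2] == "FOUND"]

if __name__ == "__main__":
    for label, rep in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        print(label, "still present:", remaining(TARGETS, rep))
```

An empty result only means the report no longer lists the targets; it does not by itself show the system is clean.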
     
  3. sssteve72

    sssteve72 Private E-2

    Deleted files with Hitman

    Roguekiller didn't have those files that I was seeing. So I didn't delete anything and a log is attached.

    Deleted the 12.tmp file

    Mglogs.zip is attached.

    Everything seems to be running fine.
     

    Attached Files:

  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Download the below to your desktop.

    BITS.reg


    • Now please click Start, and type regedit into the search box.
    • You should see a regedit.exe and icon appear in the Programs area of the Start Menu.
    • Right click on regedit.exe and select Run As Administrator
    • Then in the Registry Editor menu click File and select Import.
    • Navigate to the BITS.reg file saved to your Desktop and double click it. Allow it to be added to the registry.


    Reboot.
    Is Windows Update now okay?
     
    Last edited: Sep 4, 2012
