Computer is slow / Ran all steps / Hitman freezes

Discussion in 'Malware Help (A Specialist Will Reply)' started by InSite, Mar 29, 2013.

  1. InSite

    InSite Private E-2

    Hey guys,

    My computer at home has been running so slow recently so I decided to do all of your steps required. I have all logs below BUT Hitman. 4 separate items showed up and I made sure I selected Ignore ALL. Once I clicked next, the Hitman window, my windows bar at the bottom, and all desktop items disappeared at once forcing me to force my computer to reboot. TDS came up with nothing, just so you know. Looking forward to hearing your response!

    Thank you!
     


  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Fix items using RogueKiller.

    Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
    When it opens, press the Scan button
    Now click the Registry tab and locate these 2 detections:
    • [HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Windows\\Installer\{423a4e60-0069-7f9f-6843-47aac4943bfb}\n.) [x] -> FOUND
    • [HJ INPROC][ZeroAccess] HKLM\[...]\InprocServer32 : (C:\Windows\\Installer\{423a4e60-0069-7f9f-6843-47aac4943bfb}\n.) [x] -> FOUND
    Place a checkmark next to each of these items, leave the others unchecked.
    Now press the Delete button.

    ...and the same for these entries on the files/folder tab please.

    • [ZeroAccess][FILE] @ : C:\Windows\Installer\{423a4e60-0069-7f9f-6843-47aac4943bfb}\@ [-] --> FOUND
    • [ZeroAccess][FOLDER] U : C:\Windows\Installer\{423a4e60-0069-7f9f-6843-47aac4943bfb}\U --> FOUND
    • [ZeroAccess][FOLDER] L : C:\Windows\Installer\{423a4e60-0069-7f9f-6843-47aac4943bfb}\L --> FOUND
    • [ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini [-] --> FOUND
    • [ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_64\Desktop.ini [-] --> FOUND

    When it is finished, there will be a log on your desktop called: RKreport[2].txt
    Attach RKreport[2].txt to your next message. (How to attach)
    Reboot the machine.



    Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.


    Make sure that you tell me if you receive a success message about adding the above
    to the registry. If you do not get a success message, it definitely did not work.


    Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop.
    • Now run Repair_Windows.exe by double clicking on it (if you are running Vista or Win 7, use right click and select Run As Administrator)
    • Now select the Start Repairs tab.
    • Then click the Start button.
    • Create a System Restore point if prompted.
    • On the next screen, click the Unselect All button to first deselect all repairs.
    • Now select the following repair options:
      • Reset Registry Permissions
      • Reset File Permissions
      • Register System Files
      • Repair WMI
      • Repair Windows Firewall
      • Remove Policies Set By Infections
      • Repair Winsock & DNS Cache
      • Repair Proxy Settings
      • Repair Windows Updates
      • Set Windows Services To Default Startup
    • Now on the lower right side check the box to Restart/Shutdown System When Finished
    • Then make sure the Restart System radio button is enabled.
    • Shut down any other programs that you are running now before continuing.
    • Now click the Start button.
    • Be patient while the tool repairs the selected items.
    • It should reboot automatically when finished.

    After reboot, check to see if your firewall is working.


    Now re-run RogueKiller, just a scan and attach that log too.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista or Windows 7) Then attach the new C:\MGlogs.zip file that will be created by running this.

    Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!
     
  3. InSite

    InSite Private E-2

    Ok... so when I ran Rogue I unchecked everything in the registry except the 2 you said and then hit delete, when I went back to the Files tab it showed items in there but nothing to check and they all said REMOVED next to them. I thought you were trying to say, go to Files tab and repeat the steps above but I didn't have that option so I hope I didn't mess anything up.

    I am about to reboot my computer and then continue with more steps, but here is my Rogue Report now....
     


  4. InSite

    InSite Private E-2

    I did what you said for the registry and it gave me a prompt, I hit continue and it said it was a success. Did you want me to continue with the steps (Windows Repair) after that? Or are those steps only for if it came up unsuccessful? Also, can I delete that off of my desktop or do you need me to leave it there?

    Thank you.
     
  5. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Continue with the other steps, yes indeed.
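
A check for the re-scan step requested in this thread, added here as an example and not part of the original posts or of RogueKiller: it parses detection lines in the layout quoted above and lists the ZeroAccess items still reported as FOUND in a second report. The function names and the re-scan sample are assumptions constructed for illustration.

```python
import re

# One detection line in the layout quoted in the thread:
#   [tag][tag] name : target [flag] -> STATUS   (flag optional, arrow is -> or -->)
LINE_RE = re.compile(
    r"^[\s•]*(?P<tags>(?:\[[^\]]+\])+)\s+(?P<name>.+?)\s+:\s+(?P<target>.+?)"
    r"(?:\s+\[(?P<flag>[^\]]+)\])?\s+-{1,2}>\s+(?P<status>[A-Z_]+)\s*$"
)

def parse_report(text):
    """Return {(tags, name, target): status} for every detection line."""
    entries = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            tags = tuple(re.findall(r"\[([^\]]+)\]", m["tags"]))
            entries[(tags, m["name"], m["target"])] = m["status"]
    return entries

def still_found(before, after, family="ZeroAccess"):
    """Targets tagged `family` that are FOUND in both the first scan and the re-scan."""
    first, second = parse_report(before), parse_report(after)
    return sorted(
        key[2] for key, status in first.items()
        if family in key[0] and status == "FOUND" and second.get(key) == "FOUND"
    )

# First scan: lines copied from the thread.
FIRST_SCAN = r"""
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Windows\\Installer\{423a4e60-0069-7f9f-6843-47aac4943bfb}\n.) [x] -> FOUND
[ZeroAccess][FILE] @ : C:\Windows\Installer\{423a4e60-0069-7f9f-6843-47aac4943bfb}\@ [-] --> FOUND
[ZeroAccess][FOLDER] U : C:\Windows\Installer\{423a4e60-0069-7f9f-6843-47aac4943bfb}\U --> FOUND
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini [-] --> FOUND
"""

# Re-scan: constructed sample in which one item survived the cleanup.
RESCAN = r"""
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini [-] --> FOUND
"""

if __name__ == "__main__":
    for target in still_found(FIRST_SCAN, RESCAN):
        print("still present after cleanup:", target)
```

An empty result means none of the originally detected items appear as FOUND in the second report; it says nothing about items the first scan missed.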
     
