trojan in \desktop.ini

http://img805.imageshack.us/img805/9659/rktigzy.gif Fix items using RogueKiller.

Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
When it opens, press the Scan button
Now click the files/folder tab and locate these 2 detections:

• [ZeroAccess][FILE] Desktop.ini : C:\windows\Assembly\GAC_32\Desktop.ini --> FOUND
• [ZeroAccess][FILE] Desktop.ini : C:\windows\Assembly\GAC_64\Desktop.ini --> FOUND

Place a checkmark each of these items, leave the others unchecked.
Now press the Delete button.
When it is finished, there will be a log on your desktop called: RKreport[2].txt
Attach RKreport[2].txt to your next message. (How to attach)



Download and run OTM.

Download OTM by Old Timer and save it to your Desktop.

• Right-click OTM.exe And select " Run as administrator " to run it.
• Paste the following code under the http://farm3.static.flickr.com/2455/4173556815_a721a91733_o.png area. Do not include the word Code.

Code:

:Files
C:\Program Files (x86)\Common Files\Spigot
C:\windows\assembly\tmp\U\800000cb.$
C:\windows\assembly\tmp\U\800000cf.$
C:\windows\assembly\tmp\U
C:\windows\assembly\tmp\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}
C:\windows\assembly\tmp\U\000000c0.@

:reg
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\Run]
"SearchSettings"=-

:Commands
[emptytemp]
[Reboot]

• Return to OTM, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste.
• Push the large http://farm3.static.flickr.com/2782/4174320048_f01c448b32_o.png button.
• OTM may ask to reboot the machine. Please do so if asked.
• Copy everything in the Results window (under the green bar), and paste it in your next reply.

NOTE: If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and attach the contents of that document back here in your next post.

• Re run RogueKiller and attach the new log.
• Now run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista or Windows7) Then attach the new C:\MGlogs.zip file that will be created by running this.
• Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!

 

Run RogueKiller again (no fix!) just a scan and attach that log please.

 

Continue with OTM now and the rest of the instructions.