Author Topic: aceess denied  (Read 3831 times)

0 Members and 1 Guest are viewing this topic.

iut044

  • Guest
aceess denied
« on: May 15, 2013, 12:36:21 AM »
yesterday I was infect with delta search I removed with this guide http://www.wintips.org/remove-delta-search-adware/.  I did a full scan with avast and malwarebytes  and they found nothing after I followed the steps in the guide  . Today avast found a rootkit that I cannot delete
 
« Last Edit: May 15, 2013, 12:46:34 AM by iut044 »

Offline magna86

  • Anti Malware Fighter
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4235
    • Ambulanta MyCity Forum - ASAP Member
Re: aceess denied
« Reply #1 on: May 15, 2013, 12:51:12 AM »
Hi,

1. > Attach here  AdwCleaner[S1].txt

2. Follow guide from here;
http://forum.avast.com/index.php?topic=53253.0

Install, update & run Malwarebyts (MBAM) as a pre-scan. Attach here logs.

Run OTL - as primary diagnostic tool. Attach here OTL.txt and Extras.txt log
Run aswMBR as primary AntiRootkit tool. Attach here aswMBR.txt logreport.




iut044

  • Guest
Re: aceess denied
« Reply #2 on: May 15, 2013, 01:44:56 AM »
logs added
« Last Edit: May 15, 2013, 01:54:39 AM by iut044 »

iut044

  • Guest
Re: aceess denied
« Reply #3 on: May 15, 2013, 02:05:11 AM »
I got another computer  infected with VBS:Malware-Gen  now do I need to start a seperate thread for that or use this ? . Also I share a memory stick between these computers with nothing important on it  should I reformat the memory stick  ?
« Last Edit: May 15, 2013, 02:48:05 AM by iut044 »

Offline magna86

  • Anti Malware Fighter
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4235
    • Ambulanta MyCity Forum - ASAP Member
Re: aceess denied
« Reply #4 on: May 15, 2013, 10:50:20 AM »
Hi,

Those logs basically looks good. There are some entries that could be reset to the default, we will fix it via zoek.exe;
BTW, thouse AV warnings, for some reason avast could not be read thouse file and threw you alert "access is denied"


Please download zoek.exe and save it to your desktop.

  • Close any open browsers.
  •   Temporarily disable your AntiVirus program. (If necessary)
    If you are unsure how to do this please read this or this Instruction.



  • Double click on zoek.exe to run the tool .
    Please wait while the tool does not start...


  • Copy the text present inside the code box below and paste it into the large window in the zoek tool:
Code: [Select]

C:\Users\iut044\AppData\Roaming\Babylon;f
emptyclsid;
emptyrecycle.bin;
FFdefaults;
chrdefaults;
emptyalltemp;
autoclean;

  • Click on button
    Please wait until a logreport will open (this can be after reboot)

  • Save notepad to your Desktop and attach here zoek-results.log

    Note: It will also create a log in the C:\ directory named "zoek-results.log"



*********************



Quote
I share a memory stick between these computers with nothing important on it  should I reformat the memory stick  ?




> You can check that USB storage devices / removable drives and protect both computers via MCShield.


Download MCShield from one of the following links:

MyCity -  Official download link
Softpedija - Mirror download link

  • Double click MCShield-Setup to install the application.
  • Wait a few seconds to MCShield finish initial scan.
Recommendation to under General and Scanner tab you click on Defaults button to choose recommended options.
  • Connect your USB storage devices to the computer one at a time. Scanning will be done automatically.
When all scanning is done, you need to attach a logreport that has made MCShield.

Start -> All Programs -> MCShield -> Logs

Attach here -> AllScans.txt

Explanation: USB storage devices are all the USB devices that get their own partition letter at connecting to the PC,
e.g. flash drives (thumb/pen drives, USB sticks), external HDDs, MP3/MP4 players, digital cameras,
memory cards (SD cards, Sony Memory Stick, MultiMedia Cards etc.), some mobile phones, some GPS navigation devices etc.




************************


Quote
I got another computer  infected with VBS:Malware-Gen  now do I need to start a seperate thread for that or use this ?


Yap. Someone will analyze attached logs.  ;)
« Last Edit: May 15, 2013, 10:52:08 AM by magna86 »

iut044

  • Guest
Re: aceess denied
« Reply #5 on: May 15, 2013, 11:28:34 AM »
Here is the log from mcshield

Offline magna86

  • Anti Malware Fighter
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4235
    • Ambulanta MyCity Forum - ASAP Member
Re: aceess denied
« Reply #6 on: May 15, 2013, 12:09:53 PM »
Drive is clean. MCShield is antimalware tool, be free to install it on another computer too.


Appears no future issue here right? If so, let's remove all used malware removal (OTL, aswMBR, zoek) tool.


Please download DelFix by "Xplode" to your Desktop.

Run the tool and check the following boxes below;
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore

Now click on "Run" button. Wait for the programme completes his work.

Tool will create and open an log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt


> I don't need DelFix log report.

iut044

  • Guest
Re: aceess denied
« Reply #7 on: May 15, 2013, 12:40:33 PM »
zoek log

Offline magna86

  • Anti Malware Fighter
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4235
    • Ambulanta MyCity Forum - ASAP Member
Re: aceess denied
« Reply #8 on: May 15, 2013, 04:31:53 PM »
Ok. Your next step is:
Appears no future issue here right? If so, let's remove all used malware removal (OTL, aswMBR, zoek) tool.