New
#11
razzledazzle94,
The reports are showing the latest version of ZeroAccess, and damage to Windows Defender and Microsoft Security Essentials.
Need to go out for a while, but will be back this evening.
In the meantime....
Please download ComboFix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save ComboFix.exe to the Desktop
Disable your AntiVirus and AntiSpyware applications as they will interfere with ComboFix.
Info: http://www.techsupportforum.com/secu...lications.html
Double click combofix.exe and follow the prompts.
When finished, it produces a log.
Please include the C:\ComboFix.txt in your reply.
NOTE: If you encounter a message "Illegal operation attempted on registry key that has been marked for deletion" and no programs run, please reboot to resolve the error.
After doing the above, please do not run any malware removal programs, or take any other actions.
Will catch up with you later.
Thanks for your patience. :)
okay so here's the outcome. after running Combofix my computer rebooted and everything seemed fine, when I clicked on MSE it came up with the error you expected whereby it told me "Illegal operation attempted on registry key that has been marked for deletion" so I rebooted again and now MSE opens fine (at last). it says in the history tab that there are 5 Trojans that need action but when I click remove all it comes up with the message
" security essentials couldn't remove some of the detected threats
the class is not configured to support elevated action "
any ideas? oh and here is the combofix.txt you requested
thanks again for your help
Can you upload the MSE logs
Should be in C:\ProgramData\Microsoft\Microsoft Antimalware\Support
ProgramData folder is a hidden folder
To show hidden folders
Click on the Start button and select Computer
Press the Alt key on your keyboard and click on Tools or click on Organize
Select Folder Options
Click the View tab and make sure that Show hidden files and folders is selected under Hidden files and folders
Click Apply then click OK
I cannot upload the log because it exceeds the 2mb limit by quite a bit at 16mb
also, since rebooting after removing the ZeroAccess I keep getting pop ups telling me whether or not I am entering a secure or unsecure internet connection. any ideas?