Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Is someone sharing Windows 7 with me?

24 Apr 2013   #31
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

You're missing the FRST.log . Upload that log as well.

Here is a link that will show you how to upload a photo and a file onto the forum

Screenshots and Files - Upload and Post in Seven Forums


My System SpecsSystem Spec
.
24 Apr 2013   #32
nottaclue9

Windows 7 Home Premium 64-bit, service pack 1
 
 



My System SpecsSystem Spec
24 Apr 2013   #33
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

nottaclue9

I notice you still have some files left over from the FBI randsom ware virus you had . Lets wait until Cottonball comes on and tells you the next steps .
My System SpecsSystem Spec
.

24 Apr 2013   #34
cottonball

Windows 7 Home Premium
 
 

nottaclue9,

Thanks for the FRST reports.

There are entries showing in them that need removed from your computer.
So, here is what we need to do...

We need to make sure that FRST is on the >>Desktop<<, and not in the Temporary Internet Files Folder where it is now:
Running from C:\Users\xxxx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JD5UOB86
Otherwise, what we are going to do will not work.


To get FRST on the Desktop, let's delete it, and download a new file, as follows:
Press the Start globe, and in the Search Programs and Files box right above the Start globe, type: FRST
Above it you will see a list with Programs, Documents or Files.
Right-click the FRST icon, and select: Delete
You can also right-click and Delete any Document or File that has FRST in its name.

Now, please download the program once again: Farbar Recovery Scan Tool Download
Select the 32-bit version

When you see the download on the screen, press the drop arrow by Save, and select: Save as...
In the Save as prompt, the blank space right at the top needs to have the Desktop selected.
If there is something else there, click in the space, and use the Backspace key to remove it. Then, type: Desktop
At the bottom of the prompt, press: Save

Now, check the Desktop, and make sure you see FRST there.
If there are any FRST or Addition reports on the Desktop, right-click and: Delete

Double-click FRST to run it once again, and press: Scan

Please post the new FRST.txt that appears on the Desktop.

I will be able to tell if the program is in the right location, and then we will engage in fixing things.
My System SpecsSystem Spec
25 Apr 2013   #35
nottaclue9

Windows 7 Home Premium 64-bit, service pack 1
 
 

Life has gotten interesting, so I'll probably wait till the week-end to try this. Just didn't want y'all to think I was being an ingrate; I just need a chunk of time to myself when I can think.
My System SpecsSystem Spec
25 Apr 2013   #36
cottonball

Windows 7 Home Premium
 
 

Whenever you are ready!!

That is fine with us.
My System SpecsSystem Spec
25 Apr 2013   #37
cottonball

Windows 7 Home Premium
 
 

Do you think you can provide the RogueKiller log (RKreport.txt) you provided in Post #18, and instead of an image, copy/paste the text in a reply?

Would like to work with that, and make all this easier for you, if possible.
It would be the easiest thing yo do at this point.
My System SpecsSystem Spec
26 Apr 2013   #38
nottaclue9

Windows 7 Home Premium 64-bit, service pack 1
 
 

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : RogueKiller - Geeks to Go Forums
Website : Download RogueKiller (Official website)
Blog : tigzy-RK
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Judy [Admin rights]
Mode : Scan -- Date : 04/26/2013 01:24:43
| ARK || FAK || MBR |
Bad processes : 0
Registry Entries : 4
[RUN][SUSP PATH] HKCU\[...]\Policies\Explorer\Run : aefbfeaead (C:\Users\Judy\AppData\Roaming\ae70f096-0091-4777-bf93-94615e57a0e6ad\aefbfeaead.exe) [-] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-2438601110-3927464551-1267722977-1000[...]\Policies\Explorer\Run : aefbfeaead (C:\Users\Judy\AppData\Roaming\ae70f096-0091-4777-bf93-94615e57a0e6ad\aefbfeaead.exe) [-] -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
Particular Files / Folders:
[ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-21-2438601110-3927464551-1267722977-1000\$e753789c7b028571c64e689ed4db51bd\@ [-] --> FOUND
[ZeroAccess][FOLDER] U : C:\$recycle.bin\S-1-5-18\$e753789c7b028571c64e689ed4db51bd\U --> FOUND
[ZeroAccess][FOLDER] U : C:\$recycle.bin\S-1-5-21-2438601110-3927464551-1267722977-1000\$e753789c7b028571c64e689ed4db51bd\U --> FOUND
[ZeroAccess][FOLDER] L : C:\$recycle.bin\S-1-5-18\$e753789c7b028571c64e689ed4db51bd\L --> FOUND
[ZeroAccess][FOLDER] L : C:\$recycle.bin\S-1-5-21-2438601110-3927464551-1267722977-1000\$e753789c7b028571c64e689ed4db51bd\L --> FOUND
Driver : [NOT LOADED]
Infection : ZeroAccess
HOSTS File:
--> C:\windows\system32\drivers\etc\hosts

MBR Check:
+++++ PhysicalDrive0: ST500DM0 02-1BD142 SATA Disk Device +++++
--- User ---
[MBR] 65448ab472fbcfd6f689b590a0e5436e
[BSP] bc8352d5af846e1bd0127f659f7692ae : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: Lexar USB Flash Drive USB Device +++++
--- User ---
[MBR] 7ff2a1acbc680c812ef961808b542c37
[BSP] 4b8b702b557e3455c4e0f1b634afd5c4 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 2192 | Size: 15274 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[1]_S_04262013_02d0124.txt >>
RKreport[1]_S_04262013_02d0124.txt

I have a feeling this isn't right.
My System SpecsSystem Spec
26 Apr 2013   #39
cottonball

Windows 7 Home Premium
 
 

That's it.

Please run RogueKiller once again:

Close all windows and browsers
Right-click RogueKiller and select 'Run as Administrator'
Wait until the Prescan finishes
The Status box shows: PreScan Finished

Press: Scan

When done, on the right, click: Delete
Wait until the Status box shows: Deleting Finished

Click on Report and provide the content of the new Rkreport (Mode: Delete) in your reply.
My System SpecsSystem Spec
28 Apr 2013   #40
nottaclue9

Windows 7 Home Premium 64-bit, service pack 1
 
 

So I sat down tonight to try to do the removal procedure when Windows Security Essentials sent me a red pop-up saying that it had detected suspicious items and that my computer needed to be cleaned. So I clicked on the proper button and then restarted as instructed. I then had a red window in the center of my screen (not lower right-hand like the first warning) that listed these three threats:

Trojan.PSW.Win32launch
HacToolWin32/Welevate.A
Adware.Win32.Fraud

Again, I was told I needed to clean my computer. But when I clicked on the button, I got the ribbon notice at the bottom of my screen, telling me that running the program would harm my computer. I didn't know whether to trust anything that had happened, and I didn't feel safe going on line to contact you guys, so I ran a full Malware Bytes scan. It detected two items:

Trojan.agentKB
Trogan.agentKD

Meanwhile, there has been activity I didn't allow on my third credit card in the last two months. I am about to give up, as dealing with this and the fallout from it has taken immense amounts of my time and made me really paranoid. I am ready to drop-kick the HP over my back fence & get a Mac.
My System SpecsSystem Spec
Reply

 Is someone sharing Windows 7 with me?




Thread Tools




Similar help and support threads
Thread Forum
Sharing between Windows 7 and XP
I have a Windows 7 machine, and an XP machine, and I'm trying to set up sharing of folders between the two systems. And I'm experiencing two problems. 1. Though the shared drives show up on both systems, I can access the drives on the XP system from the Windows 7 system, but cannot access the...
Network & Sharing
Sharing between windows 7 pc and xp
Hey, so got a problem, in our office we have a windows 7 pc sharing some folders over our domain, now other windows 7 pcs have no problem getting into the shares, and most of the time the xp machines can get in too but every now and again the xp machines cant get into the windows 7 sharing pc it...
Network & Sharing
Windows 7 mkv sharing.
I have a Windows 7 computer that I have a shared folder setup on. I have a Windows 7 laptop that I'm accessing that shared folder on. All the files in that shared folder is showing up except for one folder that contains MKV files. That folder isn't showing up at all on the laptop. Anyone have any...
Network & Sharing
File Sharing and Homegroup Sharing Problem
Hi, I have been going crazy trying to get my PC to share files with a couple of laptops. I am running Windows 7 64 Bit and the laptops are running Windows 7 64 bit and Windows XP. I have enabled file sharing but The Windows 7 Laptop keeps giving me an unknown error when trying to join a...
Network & Sharing
Sharing between Windows 7 and XP
I'm very new at networking, so please be tolerant of my ignorance. I have a Windows 7 Ultimate 64 system and a Windows XP Home SP3 system. After a lot of blind alleys, I've got them connected through a Netgear wireless router physically connected to the Win 7 machine, and a Cisco USB network...
Network & Sharing


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 08:40.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App