also @ TechSpot: Nvidia GeForce GTX 780 Review

Win64/patched.a removal help needed services.exe infected

Discussion in 'Virus and Malware Removal' started by Lfis492a, Oct 23, 2012.

Post New Reply
Page 3 of 3

  1. Lfis492a Newcomer, in training Posts: 38

    Lol. I see. I mean if you are sure it's clean and that those files found were just remnant pieces im fine especially if we are goiing to clear all the restore points and if the restore points were what was detected.
    what do you think??
    Lfis492a, Oct 24, 2012
    #41

  2. Lfis492a Newcomer, in training Posts: 38

    I'll just run again and catch you tomorrow. thanks. good night.
    Lfis492a, Oct 24, 2012
    #42

  3. Broni Malware Annihilator Posts: 39,372   +175

    We don't know if the scan ever completed so I'd re-run it.
    Broni, Oct 24, 2012
    #43

  4. Lfis492a Newcomer, in training Posts: 38

    Results of eset
    C:\_OTL\MovedFiles\10242012_104232\C_\FRST\Quarantine\services.exe Win64/Patched.A.Gen trojan deleted - quarantined
    C:\_OTL\MovedFiles\10242012_104232\C_FRST\Quarantine\{1b405ce6-8848-e2d9-71ed-723aea56cefb}\U\00000004.@ Win64/Conedex.C trojan cleaned by deleting - quarantined
    C:\_OTL\MovedFiles\10242012_104232\C_FRST\Quarantine\{1b405ce6-8848-e2d9-71ed-723aea56cefb}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
    C:\_OTL\MovedFiles\10242012_104232\C_FRST\Quarantine\{1b405ce6-8848-e2d9-71ed-723aea56cefb}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
    C:\_OTL\MovedFiles\10242012_104232\C_FRST\Quarantine\{1b405ce6-8848-e2d9-71ed-723aea56cefb}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
    C:\_OTL\MovedFiles\10242012_104232\C_FRST\Quarantine\{1b405ce6-8848-e2d9-71ed-723aea56cefb}\U\80000032.@ probably a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
    C:\_OTL\MovedFiles\10242012_104232\C_FRST\Quarantine\{1b405ce6-8848-e2d9-71ed-723aea56cefb}\U\80000064.@ Win64/Sirefef.AN trojan cleaned by deleting - quarantined
    D:\Corel\Suite8\Programs\CCWin\Aim\Sysfiles\WxBug.EXE Win32/Adware.WBug.A application cleaned by deleting - quarantined
    D:\Documents and Settings\All Users\Desktop\BS227.exe multiple threats cleaned by deleting - quarantined
    D:\Documents and Settings\PC\Local Settings\Temp\dat2.tmp JS/AdWare.SearchPage.A virus deleted - quarantined
    D:\Documents and Settings\PC\Local Settings\Temp\dat54.tmp JS/AdWare.SearchPage.A virus deleted - quarantined
    D:\Documents and Settings\PC\Local Settings\Temp\dat5F.tmp JS/AdWare.SearchPage.A virus deleted - quarantined
    Lfis492a, Oct 25, 2012
    #44

  5. Lfis492a Newcomer, in training Posts: 38

    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: AppData
    ->Temp folder emptied: 0 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Grumpy
    ->Temp folder emptied: 146346515 bytes
    ->Temporary Internet Files folder emptied: 7063762 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 59324303 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Apple Safari cache emptied: 0 bytes
    ->Flash cache emptied: 492 bytes

    User: LogMeInRemoteUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 100252 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 134 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 203.00 mb


    [EMPTYFLASH]

    User: All Users

    User: AppData

    User: Default

    User: Default User

    User: Grumpy
    ->Flash cache emptied: 0 bytes

    User: LogMeInRemoteUser

    User: Public

    Total Flash Files Cleaned = 0.00 mb


    [EMPTYJAVA]

    User: All Users

    User: AppData

    User: Default

    User: Default User

    User: Grumpy
    ->Java cache emptied: 0 bytes

    User: LogMeInRemoteUser

    User: Public

    Total Java Files Cleaned = 0.00 mb

    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.69.0 log created on 10252012_080805

    Files\Folders moved on Reboot...
    C:\Users\Grumpy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
    Lfis492a, Oct 25, 2012
    #45

  6. Lfis492a Newcomer, in training Posts: 38

    I'm up to the updates part. I get an error code on the windows update "WindowsUpdate_800736B3"
    Lfis492a, Oct 25, 2012
    #46
     

  7. Broni Malware Annihilator Posts: 39,372   +175

    Any update or some particular one?
    Broni, Oct 25, 2012
    #47

  8. Lfis492a Newcomer, in training Posts: 38

    Windows 7 service pack 1 even the manual install doesn't work
    Lfis492a, Oct 25, 2012
    #48

  9. Broni Malware Annihilator Posts: 39,372   +175

    Download Windows Repair (all in one) from this site

    Install the program then run it.

    Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:

    [IMG]



    Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:

    [IMG]


    Go to Step 4 and under "System Restore" click on Create button:

    [IMG]


    Go to Start Repairs tab and click Start button.

    [IMG]


    Please ensure that ONLY items seen in the image below are ticked as indicated (they're all checked by default):

    [IMG]

    Click on box next to the Restart System when Finished. Then click on Start.

    Then try updates again.
    Broni, Oct 25, 2012
    #49

  10. Lfis492a Newcomer, in training Posts: 38

    Ok doing it now
    Lfis492a, Oct 25, 2012
    #50

  11. Lfis492a Newcomer, in training Posts: 38

    No go
    update of windows 7 service pack 1 no go.
    Lfis492a, Oct 25, 2012
    #51

  12. Broni Malware Annihilator Posts: 39,372   +175

    At this point....

    In this forum, we make sure, your computer is free of malware and your computer is clean :)
    Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
    You'll get more attention.

    Good luck!
    Broni, Oct 25, 2012
    #52

  13. Lfis492a Newcomer, in training Posts: 38

    I got it. I rebooted a few times and it's installed (service pack 1) and then I ran update again and I got a few more updates. if they are all done after this I'm all fine. thank you very very much. I'll reach out to you on my other pc. Thanks again
    Lfis492a, Oct 26, 2012
    #53

  14. Broni Malware Annihilator Posts: 39,372   +175

    Good news :)
    Broni, Oct 26, 2012
    #54
Page 3 of 3

Add New Comment

Social Login & Guest Posting

TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.