ZeroAcces Malware Infection

[Mahmoud_K]

Hey guys,

i have a Malware don`t know where i got it .. as i have avast internet security .. anyways .. i read a post here earlier regarding zeroaccess and i`m following the steps there i downloaded RogueKiller and made a scan .. and here is the log.

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : MaHMooD [Admin rights]

Mode : Scan -- Date : 03/02/2013 21:37:43

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

[ZeroAccess][FILE] Desktop.ini : C:\windows\Assembly\GAC_32\Desktop.ini [-] --> FOUND

[ZeroAccess][FILE] Desktop.ini : C:\windows\Assembly\GAC_64\Desktop.ini [-] --> FOUND

[susp.ASLR][FILE] services.exe : C:\windows\system32\services.exe [-] --> FOUND

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK5075GSX +++++

--- User ---

[MBR] 9635bdefa5d76b496f08607e58c4beb3

[bSP] c1bab54c5f69f6f9777100e87eaf85a8 : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 112743 Mo

2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 233971712 | Size: 350001 Mo

3 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 950773760 | Size: 12695 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_03022013_02d2137.txt >>

RKreport[1]_S_03022013_02d2137.txt

didn`t want to continue until i get a professional opinion .. to know if i continue with the fix or do another steps.

Thanks in advance

[daledoc1]

Hello and welcome:

It does look as if you may be infected.

We can't review scan logs or work on malware diagnostics and removal in this sub-section of the forum.

So, for expert assistance, please follow the recommendations in this sticky topic: Available Assistance For Possibly Infected Computers.

A qualified helper will guide you through the cleanup process.

Thanks,

daledoc1

[Mahmoud_K]

Sorry i Opened the Wrong Section ... i`ll post it in the malware removal section

[daledoc1]

That's OK.

Newcomers often post in this forum section with their malware issues.

The experts over in the malware removal section will help you out.

Good luck,

daledoc1