Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

UACd.sys infection


  • Please log in to reply
2 replies to this topic

#1 vma_ph

vma_ph

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:52 PM

Posted 18 July 2009 - 08:20 AM

Hi, I got infected with UACd.sys and am getting the google installer message. Chanced upon your website and read the instructions. downloaded combofix.exe and saved it to my desktop, disabled my anti-virus and closed all windows. but when i doubl-clicked on combofix.exe, nothing happened. What am i missing? Please help!!!

Follow-up: I changed the name and was able to successfully run combofix. Except that during the scanning of infected files, i got a microsoft message saying dumphive.cfexe encountered a problem and will be closed. Send a report or not. I clicked do not send and the scanning proceeded all the way to the creation of the log report, which follows below:


EDIT Combofix log removed as it is not allowed in this forum
Please follow Dachew's instructions

Edited by garmanma, 18 July 2009 - 04:39 PM.


BC AdBot (Login to Remove)

 


#2 Guest_The weatherman_*

Guest_The weatherman_*

  • Guests
  • OFFLINE
  •  

Posted 18 July 2009 - 11:55 AM

Moved from HJT to a more appropriate forum. Tw

Please note the message in blue at the top of this thread vma_ph. :thumbsup:

Edited by The weatherman, 18 July 2009 - 11:56 AM.


#3 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop

Posted 18 July 2009 - 12:12 PM

This is a very nasty infection

http://rootrepeal.googlepages.com/

http://rootrepeal.googlepages.com/RootRepeal.zip

or

http://ad13.geekstogo.com/RootRepeal.zip

Just use the file tab at the bottom, scan and paste the report into a reply here please

Posted Image
Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users