Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Rogue.AntivirusSuite & Trojan.Fraudpacka + DNSChanger


  • Please log in to reply
2 replies to this topic

#1 robuk

robuk

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:11 PM

Posted 02 July 2010 - 02:49 PM

My original problem was the NT Autority shutdown services.exe message 1073741819 which I think i have solved. I have used Malwarebytes a number of times and it appears to remove the problem but when rebooted infections reappear. I have switched off restore and the only time MWB finds no prob is in safe mode with internet unplugged. Looking on various sites and forums it appears Combofix is the next step, advice please.
I'm running XP Pro on a Dell Vostro 2Ghz 2mg ram, I use AVG and run Superantispyware and MWB regularly. My kids use a number of foreign sites for anime and manga cartoons so I'm thinking this is where the problem may have started.
The last MWB log shows only 2 problems but previously I have had problems with DNSChanger trojans.
MWB log
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
Many thanks
Rob

Edited by Blade Zephon, 02 July 2010 - 07:55 PM.
Moved to AII as no logs provided and Prep Guide not followed. ~BZ


BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:11 AM

Posted 05 July 2010 - 08:21 PM

Try this:

http://www.bleepingcomputer.com/virus-remo...sing-tdsskiller
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 robuk

robuk
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:11 PM

Posted 07 July 2010 - 06:27 AM

:thumbsup:
Solved, many thanks.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users