In Windows 7 and Vista

Go to Start Menu and Inside the Search box type CMD.
Now at the Top side if the Start menu you can see one file Called CMD.
Right Click on that one and Select the Option RUN AS ADMINISTRATOR

In Windows XP
Go to Run and type "cmd" to open the command prompt

Now you will get a black Window. Inside that black window type the above commands.

Type or copy & paste "sfc /scanfile=c:\windows\system32\services.exe"
and press enter

. Restart your computer

This will replace the infected services.exe with the original.

---

Sreedharram wrote:

In Windows 7 and Vista

Go to Start Menu and Inside the Search box type CMD.
Now at the Top side if the Start menu you can see one file Called CMD.
Right Click on that one and Select the Option RUN AS ADMINISTRATOR

In Windows XP
Go to Run and type "cmd" to open the command prompt

Now you will get a black Window. Inside that black window type the above commands.

Type or copy & paste "sfc /scanfile=c:\windows\system32\services.exe"
and press enter

. Restart your computer

This will replace the infected services.exe with the original.

 

 

 

---

And what about the rest of the infection??

Quads

Sure we can fix that one one by one. I am not telling this is the end of the troubleshoting.... Our main problem now is Trojan.patchep!sys. First we need to fix it in a simple way. After that we can run the other tools and check the Logs........

Thank you.......

There is a reason why Malware removalists like myself do things the way we do.  

Your instructions as a whole don't work  I have tried it.

Dumb instructions is why malware removal forums are protected from this.

There is also areason why I have been notified that the likes of ESET is using the approch I use.  by not touching services.exe first up.

Quads

I appreciate the advice.

@Quads: I have done nothing as of yet as I wish to remove all problems and not just part of it.  Please advise.

Thanks,

Jack

ANY other user other than the thread starter is not to use any instructions, scripts or proceedures,  The work though in cleaning a system is individual and only for that system due to a number of factors.

Please do not run any tools unless instructed to do so. 

• We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability. Do as the instructions ask nothing extra or run things twice
• If I ask a Question just answer it, don't run anything unless it states.
• Major steps used:

1. Find

2. Break

3. Destroy

4. Cleanup  (including system as a whole)

Please read every post completely before doing anything. 

• Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.

• Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forum, (sometimes )
  
  
• Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.

Read Slowly and all of it.

Please download http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/   You need to download the 64 bit version 

Transfer it on to the Flash Drive / portable Hard Drive.

Enter System Recovery Options. 

To enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
• Use the arrow keys to select the Repair your computer menu item.
• Choose your language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

• Select Command Prompt
• In the command window type in notepad and press Enter.
• The notepad opens. Under File menu select Open.
• Select "Computer" and find your flash drive  / portable Hard Drive letter and close the notepad.
• In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  Note: Replace letter e with the drive letter of your flash drive.
• The tool will start to run.
• When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) on the flash drive.  restart the system and load Windows Please attach the log in your reply.

Quads

Thanks for the assistance. The reply is attached.

You are lucky you didn't follow the other users instructions as you are infected by more than just zeroaccess

I am going to get more data

Download the script attached, needs to be the same file name as well (fixlist.txt), Copy across to flash drive

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options again. Like previously

• Select Command Prompt
• In the command window type in notepad and press Enter.
• The notepad opens. Under File menu select Open.
• Select "Computer" and find your flash drive letter and close the notepad.
• In the command window type e:\frst.exe or frst64.exe and press Enter
  Note: Replace letter e with the drive letter of your flash drive.
• The tool will start to run.
• When the tool opens click Yes to disclaimer.
• Press the Fix button just once and wait.
• The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Quads

Ok. Steps taken and fixlog is attached.

Thanks again