Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: possible virus, which forum to go to for help


25 Jan 2013   #11

Windows 7 Pro. 64/SP-1
 
 

Trojan.Zeroaccess | Symantec

CVE-2009-1672, CVE-2009-4324, CVE-2010-1885 Trojan.Zeroaccess is a Trojan horse that uses an advanced rootkit to hide itself. It can also create a hidden file system, downloads more malware, and opens a back door on the compromised computer.

The Trojan is called ZeroAccess due to a string found in the kernel driver code that is pointing to the original project folder called ZeroAccess. It is also known as max++ as it creates a new kernel device object called __max++>.

If it was my computer and it had a advanced rootkit I would do a clean wipe install.
one way.
Windows 7 Installation - Prepare PC to be Sold
I recommend changing all password for everything using another clean computer. Inform your banks and credit card companies ect. what happened.
I would not copy over any thing from old install to the new install because it can and probable is infected also.
You have been infected by one of the Bad Boys of infections and the backdoor was left open for all his buddies.

My System SpecsSystem Spec
.

25 Jan 2013   #12

W7 premium 64
 
 

Quote   Quote: Originally Posted by Layback Bear View Post
I'm not a norton user. Manually looks totally complicated.
My System SpecsSystem Spec
25 Jan 2013   #13

Windows 7 Pro. 64/SP-1
 
 

Post #9 RK found Zerroaccess
Post #10 Zerroaccess is issue at hand.
------------------------
This is what my post #11 is all about.
Was Zerroaccess found on your computer as post #9 and 10 indicate?
Yes or No.
My System SpecsSystem Spec
.


25 Jan 2013   #14

W7 premium 64
 
 
yes

yes, read my log post #7 please
My System SpecsSystem Spec
25 Jan 2013   #15

Windows 7 Home Premium
 
 

drmax,

Since we are dealing with ZeroAccess, let's approach the issue in a mode before Windows starts.
We could use the Delete option in RogueKiller, but the program operates while in Windows, and there might be more to the infection than what it finds.


Need some information in order to proceed...

Confirming the Operating System on the involved computer is Windows Seven 64-bit.

Do you have the Repair your computer option in the Advanced Boot Options menu?

To find out:

Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until the Advanced Boot Options menu appears.
  • Is the Repair your computer option listed?
If you do not have the option above, do you have your Windows installation CD/DVD available?

And last, do you have a USB flash drive available, and do you have access to another computer?
My System SpecsSystem Spec
25 Jan 2013   #16

W7 premium 64
 
 

yes 64 bit. Tapping F8 brought me to a boot menu and repair disk option not there. I do own my windows 7 cd and have it now.
My System SpecsSystem Spec
25 Jan 2013   #17

Windows 7 Home Premium
 
 

We are ready to roll if you also have a USB flash drive available, and have access to another computer.

Is that the case?
My System SpecsSystem Spec
25 Jan 2013   #18

Windows 7 Home Premium x64 SP1
 
 

Quote   Quote: Originally Posted by Layback Bear View Post

If it was my computer and it had a advanced rootkit I would do a clean wipe install.
Cotton is giving you 1st rate help and with his help you may defeat the rootkit, but I tend to agree with Bear on this.

On top of cotton's advice you could also try the new program from Malwarebytes that targets rootkits only, while it's still in beta it has been getting rave reviews and is very stable. I don't see that you have anything to lose at this point............. Definitely follow cotton's advice first while he's working with you.

Malwarebytes : Malwarebytes Anti-Rootkit
My System SpecsSystem Spec
25 Jan 2013   #19

W7 premium 64
 
 

Quote   Quote: Originally Posted by cottonball View Post
We are ready to roll if you also have a USB flash drive available, and have access to another computer.

Is that the case?
not just yet
My System SpecsSystem Spec
25 Jan 2013   #20

W7 premium 64
 
 

Quote   Quote: Originally Posted by DBone View Post
Quote   Quote: Originally Posted by Layback Bear View Post

If it was my computer and it had a advanced rootkit I would do a clean wipe install.
Cotton is giving you 1st rate help and with his help you may defeat the rootkit, but I tend to agree with Bear on this.

On top of cotton's advice you could also try the new program from Malwarebytes that targets rootkits only, while it's still in beta it has been getting rave reviews and is very stable. I don't see that you have anything to lose at this point............. Definitely follow cotton's advice first while he's working with you.

Malwarebytes : Malwarebytes Anti-Rootkit
i wished that would have been brought up sooner. i just ran it and bAM, found 7 items. will report back when i finish and give results.
My System SpecsSystem Spec
Reply

 possible virus, which forum to go to for help




Thread Tools



Similar help and support threads for2: possible virus, which forum to go to for help
Thread Forum
Solved how to fix / clean windows from ramnit virus and virut virus? System Security
I have a virus and unable to run/download anti-virus software System Security
Want ideas for Virus removal if virus shows up in safemode CMD System Security
Partition Virus/Non-system Drive Virus System Security
Solved Is there a Forum issues Forum Chillout Room
Virus On Forum, Or...? General Discussion

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 01:34 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33