possible virus, which forum to go to for help

Page 2 of 7 FirstFirst 1234 ... LastLast

  1. Layback Bear
    Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       New #11

    Trojan.Zeroaccess | Symantec

    CVE-2009-1672, CVE-2009-4324, CVE-2010-1885 Trojan.Zeroaccess is a Trojan horse that uses an advanced rootkit to hide itself. It can also create a hidden file system, downloads more malware, and opens a back door on the compromised computer.

    The Trojan is called ZeroAccess due to a string found in the kernel driver code that is pointing to the original project folder called ZeroAccess. It is also known as max++ as it creates a new kernel device object called __max++>.

    If it was my computer and it had a advanced rootkit I would do a clean wipe install.
    one way.
    Windows 7 Installation - Prepare PC to be Sold
    I recommend changing all password for everything using another clean computer. Inform your banks and credit card companies ect. what happened.
    I would not copy over any thing from old install to the new install because it can and probable is infected also.
    You have been infected by one of the Bad Boys of infections and the backdoor was left open for all his buddies.
      My Computer
    Quote Quote

  3. drmax
    Posts : 314
    W7 premium 64
    Thread Starter
       New #12

    Layback Bear said:
    Trojan.Zeroaccess | Symantec
    I'm not a norton user. Manually looks totally complicated.
      My Computer
    Quote Quote

  4. Layback Bear
    Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       New #13

    Post #9 RK found Zerroaccess
    Post #10 Zerroaccess is issue at hand.
    ------------------------
    This is what my post #11 is all about.
    Was Zerroaccess found on your computer as post #9 and 10 indicate?
    Yes or No.
      My Computer
    Quote Quote

  6. drmax
    Posts : 314
    W7 premium 64
    Thread Starter
       New #14

    yes


    yes, read my log post #7 please
      My Computer
    Quote Quote

  7. cottonball
    Posts : 2,470
    Windows 7 Home Premium
       New #15

    drmax,

    Since we are dealing with ZeroAccess, let's approach the issue in a mode before Windows starts.
    We could use the Delete option in RogueKiller, but the program operates while in Windows, and there might be more to the infection than what it finds.


    Need some information in order to proceed...

    Confirming the Operating System on the involved computer is Windows Seven 64-bit.

    Do you have the Repair your computer option in the Advanced Boot Options menu?

    To find out:

    Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until the Advanced Boot Options menu appears.
    • Is the Repair your computer option listed?
    If you do not have the option above, do you have your Windows installation CD/DVD available?

    And last, do you have a USB flash drive available, and do you have access to another computer?
      My Computer
    Quote Quote

  8. drmax
    Posts : 314
    W7 premium 64
    Thread Starter
       New #16

    yes 64 bit. Tapping F8 brought me to a boot menu and repair disk option not there. I do own my windows 7 cd and have it now.
      My Computer
    Quote Quote

  10. cottonball
    Posts : 2,470
    Windows 7 Home Premium
       New #17

    We are ready to roll if you also have a USB flash drive available, and have access to another computer.

    Is that the case?
      My Computer
    Quote Quote

  11. DBone
    Posts : 431
    Windows 7 Home Premium x64 SP1
       New #18

    Layback Bear said:

    If it was my computer and it had a advanced rootkit I would do a clean wipe install.
    Cotton is giving you 1st rate help and with his help you may defeat the rootkit, but I tend to agree with Bear on this.

    On top of cotton's advice you could also try the new program from Malwarebytes that targets rootkits only, while it's still in beta it has been getting rave reviews and is very stable. I don't see that you have anything to lose at this point............. Definitely follow cotton's advice first while he's working with you.

    Malwarebytes : Malwarebytes Anti-Rootkit
      My Computer
    Quote Quote

  12. drmax
    Posts : 314
    W7 premium 64
    Thread Starter
       New #19

    cottonball said:
    We are ready to roll if you also have a USB flash drive available, and have access to another computer.

    Is that the case?
    not just yet
    Last edited by drmax; 25 Jan 2013 at 21:49.
      My Computer
    Quote Quote

  13. drmax
    Posts : 314
    W7 premium 64
    Thread Starter
       New #20

    DBone said:
    Layback Bear said:

    If it was my computer and it had a advanced rootkit I would do a clean wipe install.
    Cotton is giving you 1st rate help and with his help you may defeat the rootkit, but I tend to agree with Bear on this.

    On top of cotton's advice you could also try the new program from Malwarebytes that targets rootkits only, while it's still in beta it has been getting rave reviews and is very stable. I don't see that you have anything to lose at this point............. Definitely follow cotton's advice first while he's working with you.

    Malwarebytes : Malwarebytes Anti-Rootkit
    i wished that would have been brought up sooner. i just ran it and bAM, found 7 items. will report back when i finish and give results.
      My Computer
    Quote Quote

 
Page 2 of 7 FirstFirst 1234 ... LastLast

  Related Discussions
Hello, been trying to fix my BSOD issues for a while. Usually occurs when playing League of legends, might work all day long and all fine, but sometimes I get BSOD. I just recently played Dungeons 2 from Steam and Rocket League, and I get BSOD from Dungeons 2 or that the games just close without...
A few years back I was a member of a few different Win 7 forums. One of the forums was administered by javajolt and have lost my link to their site. Does anyone know the name of this forum? Thanks so much!!
Most places I've been to have a dedicated subforum for handling issues or questions regarding the forum, moderation and similar. Do we have one such here?
Virus On Forum, Or...?
in General Discussion

Hello, I received a Google-Alert that someone on the Fprum here has answered a Query of mine. As usual, it gives a link on to go directly to it. Using Thunderbird. What opens up is a graphic that says: Wanted Web page required
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 13:25.
Find Us