WONT SHUT DOWN! not sure if its a virus or not

Page 6 of 7 FirstFirst ... 4567 LastLast

  1. Posts : 39
    Windows 7 home premium 64bit
    Thread Starter
       #51

    here are the reports, the 1str one is the one where it found the file
    mbar-log-2013-02-18 (20-06-46).txt
    mbar-log-2013-02-18 (20-21-10).txt
      My Computer


  2. Posts : 2,470
    Windows 7 Home Premium
       #52

    Please go back to Post #28, and run RogueKiller once again, per those instructions.

    Let's see what it reports.

    We cannot rely on one program alone to claim victory over the ZeroAccess Rootkit, so, please be patient and bear with me.
      My Computer


  3. Posts : 39
    Windows 7 home premium 64bit
    Thread Starter
       #53

    rogue killer is still coming up with everything and it opens a website explaining how to get rid of zeroaccess also known as Max++

    here is the website: tigzyrk.blogspot.com/2011/09/rootkit-zeroaccess-max.html

    I used the delete feature, scanned again and it came up clean, here is the report before and after the delete
    RKreport[3]_D_02182013_02d2035.txt
    RKreport[4]_S_02182013_02d2040.txt
    Last edited by alaska skier; 19 Feb 2013 at 00:46. Reason: to add the link and reports
      My Computer


  4. Posts : 39
    Windows 7 home premium 64bit
    Thread Starter
       #54

    thanks cottonball for helping me with this nasty piece of work as i use my computer a lot for school and have learned to now do backups the hard way and am set to go buy a portable hard drive, ill be waiting for you to tell me what to do next, hopefully it's to check that this problem is resolved.
      My Computer


  5. Posts : 2,470
    Windows 7 Home Premium
       #55

    Please post the newest RogueKiller report. Need to see it. Can't operate in the blind.

    Never mind!!
    Did not see your edit. Overlooked that you already posted the reports.

    Need to check both of them, and will be back.
    Last edited by cottonball; 19 Feb 2013 at 01:20.
      My Computer


  6. Posts : 39
    Windows 7 home premium 64bit
    Thread Starter
       #56

    thanks cottonball
      My Computer


  7. Posts : 2,470
    Windows 7 Home Premium
       #57

    Let's press on...

    Please download TDSSKiller:
    http://support.kaspersky.com/downloa...tdsskiller.exe
    Save to the desktop.
    The program can be run in Normal Mode and Safe Mode.

    Double-click on TDSSKiller.exe to execute.
    Click on Change parameters, and select: TDLFS file system
    Press Start scan to begin.

    If anything is found, do not change the default options on the scan results.
    However, do not use: Delete >> Instead, change to: Skip
    Click on: Continue

    If prompted to reboot your computer, please consent.

    Once the program is done, a log is produced at C:\
    It is named: TDSSKiller.Version_Date_Time_log.txt

    Please post the contents of the TDSSKiller report in your reply.

    I'm signing off for tonight, but will be back during the day. It is 1:10AM here...3 hours difference from Alaska.
      My Computer


  8. Posts : 39
    Windows 7 home premium 64bit
    Thread Starter
       #58

    WOW,sorry never realized that time difference, will do the TDSS killer, i have herd good things about this program
      My Computer


  9. Posts : 2,470
    Windows 7 Home Premium
       #59

    TDSSKiller will provide us additional information.

    At this point, I am not certain that what RogueKiller found was an active Rootkit, vs. remnants of an infection that is no longer active.

    FRST is a very good picker-upper of ZeroAccess, and it did not show there.

    What MBAR picked up was an entry that was not definitely identified as ZA.
    It does pick up entries that are not Rootkits, and I have tested that on my computer.

    All these things get trickier by the minute, and, therefore, one needs to take things one at a time, and evaluate the general consensus (based on reports) of the tools run.
    Last edited by cottonball; 19 Feb 2013 at 20:12.
      My Computer


  10. Posts : 39
    Windows 7 home premium 64bit
    Thread Starter
       #60

    sorry, had school, will run tdss in safe mode with the parameters given, also, my tech coordinator gave me a program to try called spybot-search and destroy, any thoughts? as i will try this too
    Last edited by alaska skier; 20 Feb 2013 at 00:04. Reason: add more info
      My Computer


 
Page 6 of 7 FirstFirst ... 4567 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 08:48.
Find Us