Older HP Pavillion desktop, running XP Media Center 2002 SP 3.
Have SAV Corporate Edition (version unknown) but I did note my virus definitions were current as of 9/3/11 on Saturday.
Attempting to close IE window (IE 8), got a fake Windows message - your computer is infected. I went to Task Manager, ended the IE and Message programs and immediately shut the PC down.
On reboot, the malware got more assertive displaying fake Windows Firewall messages about blocking certain applications. I tried to run Symantec, but as it got started it quickly was closed and then I've been unable to run it - in safe mode, safe mode w/networking or regular mode.
I turned off System Restore at that point.
I was able to run Spybot and it found - something it labelled Security Center.Firewall Bypass which it claimed to have deleted. However, on every reboot and scan it comes back - along with Win32.AVkillsvc.e
I located, downloaded and tried Norton Power Eraser - it would not start.
I located, downloaded and tried Kapersky Virus Removal Tool - it ran and keeps finding a corrupt file - ...\GAC_MSIL\Desktop.ini - which it attempts to fix, then says it will delete on reboot - it comes back and it says its associated with Backdoor.Win32.ZAccess.dg
I located, downloaded and ran Symantecs separate SupportTool.exe which starts runs a bit then hangs up at somepoint while the fake firewall messages start popping up. the Tool does have Symantec Power Eraser as an option, but it keeps insisting I've chosen a rootkit scan option, even though I've not checked the option so it forces a reboot and thus does nothing except force yet another reboot.
IE works - sort of - if I use it to browse most sites it works - but if I try to go to any anti virus/security site it redirects elsewhere. ClickNet.
Chrome - which I'd never used - works but I'm getting adware now, least of my issues. I seem to be able to get to most sites.
I can try to run the couple files - I saw one earlier forum on similar ZAccess.dg, but after the initial submission, there was no response to the bleeping computer autobot reachout .
Suggesions welcome - trying not to pay Symantec $100 to fix something I think thier AV should have caught in the 1st place.
Thank you anyone!
Edited by Budapest, 05 September 2011 - 05:29 PM.
Moved from Virus, Trojan, Spyware, and Malware Removal Logs ~Budapest