Posted 09 October 2011 - 03:01 AM
Hey there forum.
I'd like to start off by saying this is in fact my first post, and I do not know where else to turn.
I'm running Windows 7 Ultimate on a 64-bit machine.
A couple of days ago, I was using AVG free 2012 as my virus protection software.
I was on my computer, and all of a sudden a warning for a virus appeared (I can't remember correctly, but I think it was a Trojan of some sort). I tried to delete it, and it said no infections were found. I thought that was a good thing. Well, a couple minutes later it happened again...so I tried to get rid of it again. For the record, I believe it might have been a zip file that I downloaded off the internet that might have got me this virus.
Then I used MBAM which found nothing, and I started to believe it was nothing. After a couple more times though, I got worried. I got online and bought Norton 360 Premier Edition 5.0 and started scanning.
The scans came up with nothing, but then I noticed that in the corner it started giving me two notifications. One notification was saying a virus (I believe a trojan backdoor 2 or something like that?) was blocked, and that my computer was safe. The other one was saying that a different virus (I think a TDSS? I'm terrible with names...) required immediate manual removal. I followed Norton's instructions, which led me to download their FixTDSS program, which found absolutely nothing. So I did some research, and found Kaspersky's TDSSKiller, also to no avail. However, when I ran it, FixTDSS told me this,
"Suspicious use of Kernal callback but MBR appears intact. Repair not done. No infections found."
Frustrated, I googled some more. I found out that what I had was most likely ZeroAccess, which is apparently pretty nasty. The forum recommended Combofix...blinded by worry, I didn't even get to read that it was only to be used under supervision of a professional. I ran the program, and followed all the instructions, and it seemed like a success. Norton does not give me those notifications nor does it find anything with a full scan. I was relieved...until I tried MBAM again.
MBAM says there is a Trojan.Agent, and when I try to fix it, brings up a log. It says it cannot delete it unless I reboot my computer.
So, I let it reboot. When my computer comes back on, it asks me if Malwarebytes can run. I say yes...then no further actions from the program. Just to be sure, I retry the scan...it finds it again. So, once again, I got frustrated. I had to go to work, so I gave up for a bit.
I came home and turned on my computer to see that MBAM has been mysteriously deleted. I download it again, and thankfully it works. Although, it still finds the same problem. So I jump on Google to see what I can find.
I stumble upon RKill...I read some instructions to figure it out, and download it. I use it, and the log tells me that the certain processes were terminated. So, as the instructions said, I used my MBAM again without rebooting my computer.
Same old. Finds the virus, can't delete it unless I reboot. Reboot, hit accept, open it up again and retry the scan, and there it is.
So...long story short, I messed up with Combofix. I'm sorry, I didn't know. I was going to run it again, but I realized that it would be a terrible idea, so I came here.
Surely there is someone here who can help a newbie? Is it possible to run Combofix again if I have someone prompt me to do so? Will it work without renaming it? If I have to remove it to reinstall it so I can name it something different, will removing it harm my computer? Do I even have a computer problem? I would really appreciate some help. Once again, I apologize for using Combofix without supervision, I really didn't know.