
Posted this in the log forum, it may belong here instead


  • This topic is locked

#1 Tpg7


Posted 05 April 2014 - 05:15 PM

Like the title says, this may be better suited for this forum.


Hello,

My computer is infected with the ZeroAccess rootkit. A few months ago I was in between antivirus software for about a week with no protection and started seeing "____ contained a virus and was deleted" messages every time I tried downloading files in an email.

I foolishly thought nothing of it, actually believing the files were indeed infected. I don't usually download many things to my computer, so I didn't see this alert very often. When the time came that an important document I needed couldn't be downloaded, I started researching what the problem was.

So I tried the options available on http://malwaretips.com/blogs/file-contained-a-virus-and-was-deleted-removal/ and was unsuccessful; none of the antimalware software even detected the trojan.

Which led me to finding ComboFix, and I unfortunately didn't see all of the multiple disclaimers ComboFix has until after I downloaded it and ran it. I did research it, after trying multiple options (hitman, McAfee RootkitRemover, etc... I tried 6 different things before I got to ComboFix) but I didn't see any of the serious warnings until after it was running and I searched the Internet for solutions to the length of the scan...

Which brings me to where I am now: it has been running for 5 hours and has been on "completed stage 48" for about 2 hours. What should my next action be? Should I let it run?

I understand I messed up by not doing it the right way but I plain and simple didn't know it was a major issue to run it without supervision.

Thank you in advance for your response!



#2 boopme


Posted 05 April 2014 - 08:48 PM

OK, you did screw up a bit. ZeroAccess is dangerous malware and we need to see and remove all of it.

Having run ComboFix, we need to see that log. Post it in the other topic, as those logs are only analyzed there. Thanks.

I will close this to avoid replies here. If you have any questions on this PM me or any Moderator.

Edited by boopme, 05 April 2014 - 08:49 PM.
