Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Help remove zeroaccess rootkit
Message
<blockquote data-quote="Papirus" data-source="post: 93171" data-attributes="member: 4131"><p>OK, these were the steps that I did (all in Windows Normal Mode):</p><p>1. Run Windows Repair (all 3 steps)....but I forget to close the antivirus, norton ghost and hitman pro services.</p><p>2. Run FSS and network still not working. Here is the log. [attachment=3013]</p><p>3. Run Windows Repair again for step 3 (repair) and this time I close the above services to avoid conflicts.</p><p>4. Run FSS and network still not working. Here is the log. [attachment=3014]</p><p>5. Run TDSSKiller and here is the log.</p><p>[attachment=3016] (load module checked)</p><p>[attachment=3015] (scan log)</p><p></p><p>Then I run the OTL mode again to scan the wbemess.dll and fastprox.dll in www.virustotal.com. None of them show any sign of virus.</p><p></p><p>Then I run McAfee Root Kit Remover in OTL mode. Interestingly, it says that it found zeroaccess rootkit in the CD. Here is the log.</p><p>[attachment=3017].</p><p>I upload the shell32.dll from the CD to virustotal.com and it does not find any virus. </p><p></p><p>Is this a false positive error from McAfee Rootkit Remover? Is there a way for someone or McAfee to check the Rootkit Remover tool?</p><p></p><p>Also, I can restore my computer in 20 minutes using the backup data that I have and therefore fix the network problems. However, all other steps that we did will be gone and zeroaccess issue will pop up again (even though I am not sure if this is really an issue or not). Do you have any thought on this?</p><p></p><p>Thanks.</p></blockquote><p></p>
[QUOTE="Papirus, post: 93171, member: 4131"] OK, these were the steps that I did (all in Windows Normal Mode): 1. Run Windows Repair (all 3 steps)....but I forget to close the antivirus, norton ghost and hitman pro services. 2. Run FSS and network still not working. Here is the log. [attachment=3013] 3. Run Windows Repair again for step 3 (repair) and this time I close the above services to avoid conflicts. 4. Run FSS and network still not working. Here is the log. [attachment=3014] 5. Run TDSSKiller and here is the log. [attachment=3016] (load module checked) [attachment=3015] (scan log) Then I run the OTL mode again to scan the wbemess.dll and fastprox.dll in www.virustotal.com. None of them show any sign of virus. Then I run McAfee Root Kit Remover in OTL mode. Interestingly, it says that it found zeroaccess rootkit in the CD. Here is the log. [attachment=3017]. I upload the shell32.dll from the CD to virustotal.com and it does not find any virus. Is this a false positive error from McAfee Rootkit Remover? Is there a way for someone or McAfee to check the Rootkit Remover tool? Also, I can restore my computer in 20 minutes using the backup data that I have and therefore fix the network problems. However, all other steps that we did will be gone and zeroaccess issue will pop up again (even though I am not sure if this is really an issue or not). Do you have any thought on this? Thanks. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
