Rootkit Zeroaccess Gone With Combofix, but comes back and have no internet access

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Cap116, Dec 29, 2011.

  1. Cap116

    Cap116 Private E-2

    On Monday, 12/26/2011, I started being redirected when I would click on links from google. I ran SuperAntiSpyWare and thought I eliminated the problem. Then next thing I know my computer is running slow, windows firewall will not enable, and the network connections, wireless and wired, do not connect. After a number of hours working on it, I used ComboFix and thought I got rid of rootkit zeroaccess, but instead keep running into the problem. Please help.

    Attached are Combofix log, FSS log, and TDSS Log. If there is anything else please let me know.
     

    Attached Files:

    Cap116, Dec 29, 2011
    #1
  2. Cap116

    Cap116 Private E-2

    I forgot to mention, I am using a Lenovo T60 1952; Windows XP SP3. Everytime I reboot after Combofix has fixed everything, except for network connections, everything goes back to as if it didnt happen. Thanks.
     

    Attached Files:

    Cap116, Dec 30, 2011
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    You should not have removed wsimd.sys with TDSSkiller. It was just an unsigned driver and per our instructions should not be touched. This was a miniport driver for your PC.

    I'm not sure what instructions you are following. Seems like you are looking at other threads and just jumping around randomly. You needed you to follow the instructions in the below link

    READ & RUN ME FIRST. Malware Removal Guide


    We still need logs from SUPERAntiSpyware, Malwarebytes, and a proper log from MGtools. You did not attach what was requested. Also note that ComboFix.exe needs to be on your Desktop not on drive D. The same goes for MGtools.exe. You need to redownload both ComboFix.exe and MGtools.exe to your Desktop. But only run MGtools.exe per the instructions and attach the proper log which is C:\MGlogs.zip and nothing else. We don't need a new combofix log right now.
     
    chaslang, Dec 30, 2011
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds