Rootkit Zeroaccess Google Redirection

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by rimager, Mar 16, 2012.

  1. rimager

    rimager Private E-2

    Dear members,

    I have read and followed all directions in "READ & RUN ME FIRST. Malware Removal Guide".

    The only tool I could not run was combofix.

    I am using Windows 7 64-bit and the problem started yesterday.
    I believe the culprit was a fake Flash Player update window that kept popping up. I clicked Install and it looks like what was installed was not the latest Flash Player, but this nasty malware.


    Logs for Malwarebytes, MGTools, and SuperAntiSpyware are attached.
     


  2. rimager

    rimager Private E-2

    A few more log files attached.
     


  3. rimager

    rimager Private E-2

    Is anyone at all able to help with this? I see other users posting similar threads, and getting answers...did I do something wrong?
     
  4. thisisu

    thisisu Malware Consultant

    Hi and welcome to Major Geeks, rimager!

    No, you did not do anything wrong. We are just busy and there were threads ahead of yours.

    Please download aswMBR to your desktop.
    • Double-click aswMBR.exe to run (Vista/7 right-click and select Run as Administrator)
    • Select No when asked "Would you like to download latest Avast! virus definitions?"
    • Click the [Scan] button.
    • On completion of the scan click [Save log], save it to your desktop and attach this log to your next message. (How to attach)
     
  5. thisisu

    thisisu Malware Consultant

    Can you tell me what happened when you tried to run it?

    I also want you to try to run it again using these instructions below:

    Attempt to run ComboFix using these directions:
    • Press and hold the Windows key and then press the letter R on your keyboard.
    • This opens the Run dialog box.
    • Copy and paste the below text inside the text-field:
      • "%userprofile%\desktop\ComboFix" /killall
    • Now press ENTER
    • ComboFix should launch and try to scan. Let me know exactly what happens if it does not run successfully this time around.
    • Attach C:\ComboFix.txt if it was successful. (How to attach)
     
  6. rimager

    rimager Private E-2

    Thanks a lot for the reply! I went ahead and reinstalled the OS already as I was too freaked out by this virus.
     
  7. thisisu

    thisisu Malware Consultant

    No problem. Thanks for letting us know. Surf safely! :)
     
