06-13-2012 11:35 AM
Norton scan found two threats.
ntos (Trojan.Zeroaccess!kmem) which was removed and mrxsmb.sys_backup (Trojan.Zeroaccess!inf2) which could not be removed. It said to get the tool from the website and so I did. It did not remove anything andsaid "no threat was found" then it said to run the Norton Power Eraser and so I did. It couldn't remove it as well. On the website it said that if neither of those work, I should run the Norton Bootable Recovery tool and so I did. Again, it found but could not remove the threat. Looking through the Security History I see that I8042pr.dll (Trojan.Zeroaccess!inf) has been detected and blocked two months ago. Looking throught the forums, seems like there is no universal solution fto remove this threat, so I don't want to mess anything up here.
Solved! Go to Solution.
06-13-2012 07:03 PM - edited 06-13-2012 07:54 PM
Please do not run any tools unless instructed to do so.
4. Cleanup (including system as a whole)
Please read every post completely before doing anything.
Please read carefully
1. Please download aswMBR hxxp://public.avast.com/~gmerek/aswMBR.exe to your desktop. (replace the hxxp with http)
Double click the aswMBR.exe icon to run it
it will ask to download extra definitions - ALLOW IT / Yes
Click the Scan button to start the scan
On completion of the scan, click the save log button, save it to your desktop and Please attach the log in the post back, Don't have the program fix anything.
06-13-2012 10:33 PM
I had another user with this file also on XP
Download OTL hxxp://oldtimer.geekstogo.com/OTL.exe (change the hxxp to http) save it to your Desktop.
Double click on OTL.exe to run it. Right click OTL.exe and select run as administator for Vista and Win 7.
Disable Norton for say 30 minutes
Click the Scan All Users checkbox.
Change file age to 60 days
under Copy and paste what is below between the lines
C:\Program Files\Common Files\ComObjects\*.* /s
%systemroot%\*. /mp /s
%systemroot%\*. /rp /s
An OTL.txt will be created.
06-14-2012 09:38 AM
When I ran FixZeraccess, restarted PC after the scan it said "no threat was found". Then I ran NPE and I dont remember exactly what it said but it either did not find it or could not fix it as well.