07-11-2012 06:15 PM - edited 07-11-2012 06:39 PM
At about 7:10pm CST, I received a notification from my desktop's Action Center that my Malware and antivirus was not working. (I sometimes experience this, where Norton Symantic Endpoint Protection has a small error and has to restart itself). When I clicked the icon to turn Endpoint on again, another antivirus program was installed on my computer and closed all of my other open programs while scanning a folder in my C Drive, saying that I had X amount of trojans and viruses, and etc. Iit also would not allow me to open any other program or Firefox. Note: When I clicked on Firefox, the program said that it was no allowing access to Internet Explorer because of its "firewall protection" and "was I sure that I wanted to continue".
I knew that I hadn't installed the program, so I managed to uninstall it from my Add/Remove programs. It did tell me to restart my computer, but I haven't done that yet because I don't know if this may cause more damage to the computer. Shortly after that, my Norton's Detection Results discovered Trojan.Zeroaccess.B with files titled: ~!#8278.tmp, n, and 80000000.@ as well as a Trojan.Patchep!sys with a file titled services.exe.
Symantic endpoint Protection has deleted files ~!#8278.tmp and n, but has only logged the services.exe file and the 8000000.@ file, which periodically continues to come up as a risk on the Detection Results.
I am running Windows 7 SP1, on a 64-bit system.
Solved! Go to Solution.
07-11-2012 08:10 PM
ANY other user other than the thread starter is not to use any instructions, scripts or proceedures, The work though in cleaning a system is individual and only for that system due to a number of factors.
Please do not run any tools unless instructed to do so.
4. Cleanup (including system as a whole)
Please read every post completely before doing anything.
Do you have a Flash Drive??
07-11-2012 10:40 PM
Read Slowly and all of it.
Please download http://www.bleepingcomputer.com/download/farbar-re
Transfer it on to the Flash Drive
Enter System Recovery Options.
To enter System Recovery Options from the Advanced Boot Options:
On the System Recovery Options menu you will get the following options:
Windows Complete PC Restore
Windows Memory Diagnostic Tool
07-12-2012 04:44 PM
Download the script attached, needs to be the same file name as well (fixlist.txt), Copy across to flash drive
NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Now please enter System Recovery Options again. Like previously
07-12-2012 08:53 PM
Please read carefully Read all of this message first
Download Combofix http://www.bleepingcomputer.com/download/anti-viru
Right click the combofix.exe on the desktop and select from the menu "Run as Administrator"
****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****
Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.
07-13-2012 07:53 PM
On with step 4. (a)
Please read carefully and Slowly
Please scan with ESET next
I'd like us to scan your machine with ESET OnlineScan
If you think a log should have been generated then go to C:\Program Files\ESET\ESET Online Scanner\log.txt to find it.