I have run avast and malware and I moved those files into a chest and then deleted them. Now nothing pops up, but I continue to get notifications from avast and symantec that I have 51 troajan viruses and they wont stop. Here are a few of the ones that are constantly shown:
> Doubleclick on the MBAR file ( http://www.mcshield.net/personal/magna86/Images/mbar.png
) and allow it to run.
• Click OK on the next screen, to allow the package to extract the contents of the file to its own folder named mbar.
• mbar.exe will launch automatically. On some systems, this may take a few extra seconds. Please be patient and wait for the program to open.
• After reading the Introduction, click Next if you agree.
• On the Update Database screen, click on the Update button. Once you see ‘Success: Database was successfully updated’ click on Next
• Under Scan Targets ensure all boxes are ticked. Then click the Scan button.
Notice: with some infections, you may see two messages boxes:
‘Could not load protection driver’. Click ‘OK’.
‘Could not load DDA driver’. Click ‘Yes’ to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
>> If malware is not detected, click the Exit button to close the program and post the mbar-log-year-month-day.txt and system-log.txt reports.
>> If an infection/s are found ensure Create Restore Point are ticked. Then select the "Cleanup! button to remove threats.
• The clean up procedure will be scheduled for process, pop-up will be shown.
Select the Yes button and the system should re-boot to complete the cleaning process.
>>Notice: only if an RootKit are detected, ensure to run fixdamage.exe tool located in mbar folder, \Plugins\fixdamage.exe
Run fixdamage.exe, at the black window to continue type Y (alias for Yes). Wait few seconds for execution …
When you see “press any key to exit” fix is completed, press any key to close the window. Reboot the system.
> The following reports will be created in mbar folder:
51 Trojans??? Seriously move the files you want to save over to an external hard drive… scan the holy heck outta that external hard drive and rebuild your computer. I don’t care how much cleaning you do I would never trust that computer again. Were you running avast the whole time and it allowed all those Trojans or did you install avast after running something else (or nothing) for a while?
51 Trojans???
[ . . . ]
I don't care how much cleaning you do I would never trust that computer again.
ZeroAccess (aka Sirefef) are usercode rootkits that usual uses one system-folder location to place its loading point files and/or malware data-configuration files.
The thing is when AV scan system it actually scans for known malware files. When AV scans affects the known location for malware loading point (files in some folder) AV simply sums the number of detection files. When user reads the AV warnings, he thing that system have 51 active infection on board. In 95% of cases, realistic case is one or two active malware (one or more loading point + malware related config. files) + some PUP/adware (which again involves a minimum of ~ 10 new detection according to AV report).