I followed the guide and got to the “Perform Quick Scan” place, I then clicked Scan, it scanned just find, it completed and then said “No Malicious Items Found”.
I have some kind of virus and was disappointed to see the above results. My computer runs fine, but I either cannot install any new virus protection, eliminator or cleaner or if I can install one, it will not complete a scan, then stops and locks up the computer. This includes the original McAfee that I had. I also installed an Avast Anti-Virus download and it also would not complete a scan. It went about 1/4 of the way, stopped and locked up again. Even tho it didn’t go far, it did find many errors tho, but I am puzzled why the above Guide would not detect any.
I followed the guide and got to the "Perform Quick Scan" place, I then clicked Scan, it scanned just find, it completed and then said "No Malicious Items Found".
You did not produce the OTL log from the guide? This is the log essexboy is using to see what the problem is
Afther you removed McAfee, have you run the McAfee removal tool ?
You will fiend it here as Nr.19a http://uninstallers.blogspot.com/
I never got that far as I didn’t have anything to “Check” and no chance to “Remove Selected” therefore had no opportunity to proceed to the last 3 steps of the first part.
But if eveything is OK and I can proceed to OTL I will do that next step. (If anyone could just verify that it is OK to now proceed, it would be appreciated)
Also I have a Un-Install download from McAfee with an icon that I used. I already had it un-installed, but I ran it again just to make sure. I had believed that that was good enough, but I will run the Removal Tool if necessary.
To ensure that I get all the information this log will need to be attached (instructions at the end) if it is to large to attach then upload to Mediafire and post the sharing link.
[*]Close ALL OTHER PROGRAMS.
[*]Double-click on OTS.exe to start the program.
[*]Check the box that says Scan All Users
[*]Under Additional Scans check the following:
[*]Reg - Shell Spawning
[*]File - Lop Check
[*]File - Purity Scan
[*]Evnt - EvtViewer (last 10)
[*]Under the Custom Scan box paste this in netsvcs
%SYSTEMDRIVE%*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32*.dll /lockedfiles
%systemroot%\Tasks*.job /lockedfiles
[*]Now click the Run Scan button on the toolbar.
[*]Let it run unhindered until it finishes.
[*]When the scan is complete Notepad will open with the report file loaded in it.
[*]Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.
Double-click gmer.exe. The program will begin to run.
Caution
These types of scans can produce false positives. Do NOT take any action on any “<— ROOKIT” entries unless advised!
If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
[*]Click NO
[*]In the right panel, you will see a bunch of boxes that have been checked … leave everything checked and ensure the Show all box is un-checked.
[*]Now click the Scan button. Once the scan is complete, you may receive another notice about rootkit activity.
[]Click OK.
[]GMER will produce a log. Click on the [Save…] button, and in the File name area, type in “GMER.txt”
[*]Save it where you can easily find it, such as your desktop.
“Problem Detected with Computer, Windows Shutting Down”
Stop: 0x0000004E
essexboy, at this point I am really considering “Crashing Out” and starting over. If I choose to do so, will it 100% guarantee to eliminate my problem?
If you do a full reformat and install then your problems will go - dependant on what files you need to recover from the system it may be the fastest option. There is a tutorial on how to do a clean install and backup considerations here http://www.geekstogo.com/forum/Reformat-Install-Windows-t173729.html
At the moment it is difficult to tell as the malware is not showing itself, which is why I was looking at GMER to show me the area to look in. It may be the new TDSS variant - which at the moment only GMER can find, but once found it is relatively easy to clean. I would be loth to use Combofix on this one as about one in ten runs result in an unbootable machine - mindst you we can get it back again.
So to resolve this I would need to try another rootkit detector, with no guarantee that would work
Download SysProt Antirootkit from the link below (you will find it at the bottom of the page under attachments, or you can get it from one of the mirrors).
[]Click on the Log tab.
[] In the Write to log box select all items.
[] Click on the Create Log button on the bottom right.
[] After a few seconds a new Window should appear.
[] Make sure Scan all drives is selected and click on the Start button.
[] When it is complete a new Window will appear to indicate that the scan is finished.
[*] The log will be created and saved automatically in the same folder. Open the text file and copy/paste the log here.
When we were downloading the antirootkit, we got a window that popped up that stated something like “No Disc to copy to”. But we did get a report when we checked on the log.
I tried the whole procedure again and the antirootkit just kept running and running.
I can post the log results that we got, but it is a little long. Should we put it in an attachment?