Please Help to Remove : 80000032.@, 80000000.@, 000000cb.@, 80000064.@,

Ihave download the OTL.exe and run the scan… I read http://forum.avast.com/index.php?topic=53253.0
Please help

since this seems to be a ZeroAccess rootkit infection also attach aswMBR rootkit diagnostic log

also run AdwCleaner and Malwarebytes as they may remove additional bugs

malware removers are notified

I tried to run the aswMBR, but my computer always crash before it has finised scanning. So I managed to save the log file in the midddle of the scanning proccess…

I also have run the Adwcleaner and Malewarebytes. Here I attached the logs, thanks

have you tried running aswMBR from safe mode?

Oh I can do that? How?

in your malwarebytes log there are som detections that say “No Actions Taken”
these are detections not default marked for removal
if you want these removed, run new scan… mark them for removal…and click remove selected

http://antivirus.about.com/od/securitytips/ht/safemode.htm

Hi there lets kill it

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

[*]When finished, it shall produce a log for you.
[*]Please include the C:\ComboFix.txt in your next reply.

Notes:

  1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
  2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
  3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

I think it has killed id. No more avast warning about malware 80000032.@, 80000000.@, 000000cb.@, 80000064.@ anymore. I tried to search the combo fix log in C:/ but can’t find it. Thank you very much!

This is the log after I run it from safe mode.

Thank you for your kind reply… :slight_smile:

Thank you for your kind reply...
your welcome.....

essexboy will remove all tools used when he is done… so dont go away yet

Okay…

As there is no Combofix log, could you run a fresh OTL quick scan for me to check out