We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

I have a serious infection

Options
1246714

Comments

  • samdd
    samdd Posts: 1,344 Forumite
    jamespir wrote: »
    download process explorer (bit like task manager but more advanced ) find the virus (in the processes (usually 3 letters.exe and right click it will give you the location of the file) kill the process and then delete the virus restart your pc and it should have got rid of it

    I downloaded and tried to run but i got the error msg below. Its the same as i get whenever i trie to use anything to clean or identify the malware.

    Snapshot_20.jpg
  • TakeThis
    TakeThis Posts: 2,909 Forumite
    samdd wrote: »
    I downloaded and tried to run but i got the error msg below. Its the same as i get whenever i trie to use anything to clean or identify the malware.

    Snapshot_20.jpg

    Did you run it as Administrator? Right Click on the file in order to do so.
  • samdd
    samdd Posts: 1,344 Forumite
    TakeThis wrote: »
    Try this..

    Isnt spyware doctor a free scan but you have to pay for the software to remove the malware?
  • Floralise
    Floralise Posts: 5 Forumite
    Ooops sorry, i thought you were dying. Sorry! :o
  • TakeThis
    TakeThis Posts: 2,909 Forumite
    samdd wrote: »
    Isnt spyware doctor a free scan but you have to pay for the software to remove the malware?

    What has Spyware Doctor to do with it? Are you being re-directed?
  • samdd
    samdd Posts: 1,344 Forumite
    TakeThis wrote: »
    Did you run it as Administrator? Right Click on the file in order to do so.

    Yes, i ran as admin and without admin both ways produced the same results.
  • samdd
    samdd Posts: 1,344 Forumite
    TakeThis wrote: »
    What has Spyware Doctor to do with it? Are you being re-directed?

    Sorry mate.. saw the spyware doctor before scrolling down.. i'll try it now.. thanks
  • TakeThis
    TakeThis Posts: 2,909 Forumite
    Using the ZeroAccess/Max++ rootkit remover to remove ZeroAccess (Sirefef/MAX++) rootkit.

    1. Download the ZeroAccess/Max++ rootkit remover: http://anywhere.webrootcloudav.com/antizeroaccess.exe

    2. Double-click on antizeroaccess icon to run it. It will ask you to verify that you want to perform a System scan. Type Y and press Enter.

    antizeroaccess.jpg


    Once finished, press Enter or any key to continue.

    3. If your computer is infected with Zero Access rootkit, you'll see the following warning: Your system is infected!!

    mrxsmb_sys.jpg

    Infected file: mrxsmb.sys. In your case it might be different. Type Y and press Enter to perform system cleanup.

    You should know see the notification that ZeroAccess rootkit has been successfully removed from the system. Press any key to exit the utility and restart your computer.

    zeroaccess_cleaned.jpg

    4. Run ZeroAccess/Max++ rootkit remover once again to confirm that ZeroAccess/Sirefef/MAX++ rootkit was successfully removed from your computer. That's it!

    zeroaccess_not_found.jpg
  • samdd
    samdd Posts: 1,344 Forumite
    results of the webroot scan, everything come back clean except this..

    Snapshot_1.jpg
  • samdd
    samdd Posts: 1,344 Forumite
    TakeThis wrote: »
    Using the ZeroAccess/Max++ rootkit remover to remove ZeroAccess (Sirefef/MAX++) rootkit.

    1. Download the ZeroAccess/Max++ rootkit remover: http://anywhere.webrootcloudav.com/antizeroaccess.exe

    2. Double-click on antizeroaccess icon to run it. It will ask you to verify that you want to perform a System scan. Type Y and press Enter.

    antizeroaccess.jpg


    Once finished, press Enter or any key to continue.

    3. If your computer is infected with Zero Access rootkit, you'll see the following warning: Your system is infected!!

    mrxsmb_sys.jpg

    Infected file: mrxsmb.sys. In your case it might be different. Type Y and press Enter to perform system cleanup.

    You should know see the notification that ZeroAccess rootkit has been successfully removed from the system. Press any key to exit the utility and restart your computer.

    zeroaccess_cleaned.jpg

    4. Run ZeroAccess/Max++ rootkit remover once again to confirm that ZeroAccess/Sirefef/MAX++ rootkit was successfully removed from your computer. That's it!

    zeroaccess_not_found.jpg

    Iv'e run the sacn 3 times but the infection hasnt been removed. Even though there is an infection its telling me that the system is clean, As below.

    Snapshot_3.jpg
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.9K Banking & Borrowing
  • 253.1K Reduce Debt & Boost Income
  • 453.5K Spending & Discounts
  • 243.9K Work, Benefits & Business
  • 598.8K Mortgages, Homes & Bills
  • 176.9K Life & Family
  • 257.2K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture