Four days ago I removed the above virus and another similarly named one. The original symptom stopped, but starting up the comp today I found no internet connections are working. Worried, I decided to run a system restore to two weeks ago and now it has been initializing for about 30 min. This is even more worrying. And now I'm thinking I may have just doomed the machine.
Did I just mess up by running system restore? And will system restore actually stop the virus?
Thanks in advance
I'm running Windows 7 64-bit Home Premium. McAfee found and deleted the first virus and Windows Defender found the second.
So, the restore ran successfully and got the internet working again. Just ran TDSSKiller and it found nothing. Any advice as to how I can make sure there's no rootkit installed?
If TDSSKiller didn't find anything that's not absolute proof that you don't have a rootkit, but it's a pretty good indicator that you're okay. McAfee's own Rootkit Remover (which you can get from HERE) checks for ZeroAccess as well as TDSS, so you could run it also as a check.
System Restore gets you out of trouble about 90% of the time, so keep your fingers crossed. You're probably okay.
Thanks for the reply!
I ran Rootkit Remover and it found nothing as well. The only odd symptom I have noticed since my last post was two consecutive requests from TDSSKiller (file located in temp folder for some reason, with oddly long/nonsensical names in the filepath) for permission to modify the hard drive, which I denied. I had run TDSSKiller in safe mode the last time I started it up.
I know it's never possible to be 100% sure you're clean, but should I continue to worry/continue scanning? Or should I leave it for now and look for symptoms while not doing anything that could risk my info? Or am I being overparanoid at this point?
I think you can assume you're 99% safe. Because of the 1% margin, watch for anything out of the ordinary - requests for unknown programs to connect to the internet, pop-ups, abnormally high CPU, it's difficult to be specific. And certainly, for the next week or two, run an occasional Quick Scan just to check for anything that shouldn't be there.
After a System Restore you need to re-download anything from Microsoft and McAfee that the rollback undid. Other than that, just carry on as normal.
I don't know why TDSSKiller wanted to modify the hard drive; if it didn't say what exactly it was going to do and why, you may have been right to deny it permission.
Just realized something kind of odd: looking at the Rootkit Remover log, there's no mention of initialization; it skips from scanning for updates to scanning. The "how to use rootkit remover tool" guide mentioned the initialization step, so that's why I'm asking. I pasted the log below.
Rootkit Remover v0.8.9.161 [Apr 5 2013 - 16:14:29]
Windows build 6.1.7601 x64 Service Pack 1
Checking for updates ...
Scan Result --> No trojan or viruses found!
Press any key to exit.
I don't think that's anything to worry about. The illustration in the How-To is for a slightly earlier version, and I would think the initialisation stage is mostly checking for updates anyway.