To summarize, somehow one of our PCs got the stupid "Delayed Write Failed" malware bit on it with the 20 or so dialog boxes that hides your files, so I figured, "No prob. Combofix will fix it." Nope.
Started running, told me I had the ZeroAccess rootkit, I hit OK, then it just sat there. For an hour. No HDD activity.
Since I could not reboot, I shut down by holding the power button and turned back on. Back to square 1.
Used Hitman Pro, found a .sys file infection and a couple of TMP file pieces of malware, but alas, I hit Next and the Activate Now box is hidden...
So I booted into safe mode, removed the bogus .sys file and the TMP files and rebooted. Same result, square 1.
So, I tried running TDSSKiller, it won't start. Tried renaming, same thing. Hourglass shows for .1 seconds then nothing. GRR
Tried Combofix in safe mode this time. No rootkit message, but it just sits on the Scanning for infected files part, right before it should start going through its stages. Sat there for another hour, no HDD activity. Combofix has been defeated.
Since I was running out of options I figured I would try fixboot and fixmbr. Bad decision. Now I receive "NTLDR is missing."
Tried copying from XP Pro disk, upon reboot, same result.
Hooked up HDD to another PC, copied my profile, checked to see if NTLDR and NTDETECT, along with boot.ini are there, THEY ARE. Boot.ini looks fine.
Tried a Windows Repair, upon first reboot, same message.
This has been the worst virus/rootkit/malware bit I've seen in a couple years. Pretty much forcing me to wipe/reload. I hate reinstalling programs!
Help?