I have a possible infection and would appreciate someone looking into this. My computer has very sluggish behavior and seems to take forever to do anything, even when nothing is running. I continually get error messages from Norton on high memory usage by Com Surrogates (Syswow 64) and I also have been getting notices from MalwareBytes on malicious websites being blocked (example attached.) I ran the Farbar recovery scan tool and found the following notation:

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Windows\system64

I am attaching the complete files for reference. Does this mean I have a rootkit and if so, how do I remove it?
Download the removal tool from Symantec here:
http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixZeroAccess.exe
Run TDSSKiller on it as well:
http://support.kaspersky.com/viruses/disinfection/5350
Brian:
Many thanks for your reply. I tried both of those tools, but nothing was found.
Best,
Plumas
Hi plumas,
Which Symantec product and version are you running? The files you have attached are from tools by other vendors.
Here is the recommended Symantec tool:
How to run the Threat Analysis Scan in Symantec Help (SymHelp) http://www.symantec.com/docs/TECH215519
Many thanks,
Mick
Mick:
Thanks for your reply. I'm using Norton 360 which I believed to be a Symantec product.