Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojanzeroaccsess.b


  • This topic is locked This topic is locked
2 replies to this topic

#1 CHARDZ

CHARDZ

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:29 AM

Posted 29 June 2012 - 07:48 PM

Trojan.Zer​oaccess.B
.





Options












. . ..
01-13-201210:10 AM



I am running Norton Internet Security 2012. A full system scan detected a threat named Trojan.Zeroaccess.B located in c:\windows\system32\consrv.dll and indicated that manual removal was required. I first rebooted in safe mode and ran the scan again with the same results. I have run the Norton Power Eraser (both regular and beta versions) and the Norton Bootable Recovery Tool but the problem remains. I have noted that Norton also lists a Trojan.Zeroaccess Removal Tool but this only runs in a 32 bit environment. I am running Windows 7 Professional 64 bit. Any suggestions?

BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:59 AM

Posted 29 June 2012 - 07:52 PM

Hi,

Please run the following:

Download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flashdrive into the infected PC.

Restart your computer and tap F8 to bring up the Advanced Menu, then click Repair your computer

Follow the prompt to enter keyboard input method, and then the prompt to enter a password. If the machine does not have a password, simply click Enter.

In the next menu, use the arrow keys on the keyboard to highlight Command Prompt and press Enter.

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe and press Enter.
Note: Replace letter e with the drive letter of your flash drive.

  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Uncheck the Whitlelist boxes next to Registry, Services, Drivers, and known DLL's
  • Place a check next to List Drivers MD5
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:59 AM

Posted 06 July 2012 - 07:38 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users