Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help! I think I have Zero Access rootkit


  • This topic is locked This topic is locked
3 replies to this topic

#1 loonyless1

loonyless1

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 18 July 2012 - 03:46 PM

I did some searching, and I think I have the Zero Access rootkit trojan.

AVG Free Edition keeps asking me to remove c:/windows/installer/various names.
AVG Free Edition keeps asking me to remove c:/windows/system32/services.exe.
It does this so often that it is hard to browse the internet.
Also my browser is redirecting me to other websites.
Should I consider a system restore? Or is that a bad idea?
Except for the system restore idea, I have no idea how to remove this trojan.

Help! Please.

BC AdBot (Login to Remove)

 


#2 Allan

Allan

  • BC Advisor
  • 8,589 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:07:16 AM

Posted 18 July 2012 - 03:49 PM

malware

#3 rotor123

rotor123

  • Moderator
  • 8,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:07:16 AM

Posted 18 July 2012 - 04:02 PM

HI. Since you mention a Rootkit I suggest you open a new post here:
Virus, Trojan, Spyware, and Malware Removal Logs Here
Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help

Follow the preparation guide please. It will make the process speedier.

I am closing this topic since you would be better of starting a new topic that has Zero replies with the information form the preparation guide.

Thank You
Roger

Edited by rotor123, 18 July 2012 - 04:03 PM.

Fortune Cookie says: Fortune not Found: Abort, Retry, Ignore?

Sent from my All-In-One Desktop. Perfect for Internet, Not for heavy usage or gaming however.

How Does a computer get Infected? http://www.bleepingcomputer.com/forums/t/2520/how-did-i-get-infected/
Forum Rules,    The BC Welcome Guide

167 @ June 2015


#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,946 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:07:16 AM

Posted 20 July 2012 - 11:06 PM

Hello,

Now that you have posted a topic here: http://www.bleepingcomputer.com/forums/topic461289.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take a few more days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:

Edited by Orange Blossom, 20 July 2012 - 11:07 PM.

Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users