Topic: Zero Access Rootkit??? Please help

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Zero Access Rootkit??? Please help
« Reply #60 on: September 20, 2012, 07:56:25 PM »
Exploit:Java/CVE-2012-0597.BY - this is Java, and to be honest, if you do not need Java then uninstall it; it is more trouble than it is worth.

If need be I can remove McAfee manually

Keep updating the drivers 

qim

  • Guest
Re: Zero Access Rootkit??? Please help
« Reply #61 on: September 21, 2012, 08:50:30 AM »
Hi Essexboy

I am doubly sorry. First for not responding quickly, but I am now in Study Mode (for my exams) and have to leave the problem for a while. Second, because I mentioned McAfee without explaining what I meant. Please have a look at this page.

http://www.mcafee.com/threat-intelligence/malware/default.aspx?id=562354

I downloaded the Removal Tool (on the last page of the article) and pressed the icon. The DOS box opened but told me I had to do it as an Administrator. So, I went into Safe Mode/administrator and got the same message!!! Either, again, the virus (if it exists) is stopping me from accessing it, or I did not understand what I was supposed to do with the download. The webpage says 'Run it by simply executing it from the command line.', and I wonder if I am supposed to run it from within the DOS box. If so, how do I do it? By calling the file name? How?

Any help on this much appreciated, after which I will rest until after my exams.

Thanks for your help.

qim
« Last Edit: September 21, 2012, 01:27:16 PM by qim »

Offline essexboy

Re: Zero Access Rootkit??? Please help
« Reply #62 on: September 21, 2012, 02:27:20 PM »
I can see no evidence of zero access

Either RK, Combofix or TDSSKiller would have shown signs and none did.  This is, I believe, system related 

qim

  • Guest
Re: Zero Access Rootkit??? Please help
« Reply #63 on: September 21, 2012, 03:08:45 PM »
Ok, I understand.

Essexboy, many thanks for your patience and help on this problem. 

I have to leave the computer as it is, other than updating the drivers. If the problem persists, I will try to contact you in a few weeks' time.

Regards

qim

28469

  • Guest
Re: Zero Access Rootkit??? Please help
« Reply #64 on: October 08, 2012, 10:08:19 PM »
TDSSKILLER found this: Service Start: Auto (0x2)
C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
E02CFE38B69C14F36DEDDD3BF9C79B2

I know I have zeroaccess, because RogueKiller said so.
« Last Edit: October 08, 2012, 10:25:41 PM by 28469 »

Offline essexboy

Re: Zero Access Rootkit??? Please help
« Reply #65 on: October 08, 2012, 11:44:55 PM »
Quote from: 28469
    TDSSKILLER found this: Service Start: Auto (0x2)
    C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
    E02CFE38B69C14F36DEDDD3BF9C79B2

    I know I have zeroaccess, because RogueKiller said so.

What is the relevance of this?