Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Possible Zeroaccess infection: denied access to MSE, update error

13 Aug 2013   #11
cottonball

Windows 7 Home Premium
 
 

I am confused!!!

If the infected laptop drive is connected as a slave to the Desktop computer, the Registry of the infected laptop drive won't be loaded. So, any cleanup does not remove malware entries from the Registry.

Running FRST on the Desktop to clean a slaved laptop drive is not a good idea, if that is what is being attempted.




My System SpecsSystem Spec
.
13 Aug 2013   #12
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Cottonball

What is happening , PowerTrader is scanning the laptop's hard drive on his desktop using a USB tool . What I am attempting to have him do is put the drive back into the laptop and do the fix on the laptop .
My System SpecsSystem Spec
13 Aug 2013   #13
cottonball

Windows 7 Home Premium
 
 

The laptop's drive needs to be in the laptop, and FRST needs to be run from the Desktop of the laptop.

Scanning the drive on the Desktop computer does not load the Registry for the laptop.

What I would do is run FRST again on the laptop, post its report, and then fix the files and the Registry entries with a fixlist, like in Post #6.

If you run that fixlist from the Desktop computer, have no clue as to what that will result in.

Edited to clarify Desktop computer, and laptop's Desktop.
My System SpecsSystem Spec
.

13 Aug 2013   #14
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

The fixlist.txt was meant to run Inside the laptop not desktop.
My System SpecsSystem Spec
13 Aug 2013   #15
PowerTrader

Windows 7 Home Premium 64bit
 
 

Just to clarify:
1 - Those reports were conducted when the HD was in the in the laptop.
2 - After I was sure that there was some kind of threat, I removed the HD from the laptop.
3 - I then connected the HD to my desktop by USB cables (As a slave) and ran a complete virus scan (MSE).
4 - Scan completed and found 5 threats.
5 - I got skittish and used MSE to clean the threats from the enslaved HD (sorry I should of just following your recommendations)
6 – Doing one last scan before I put it back into the laptop

My question now: Because I used MSE on the desktop to eliminate the threats, will my registry be fine, or do I have to make more changes once I put it back in the laptop?
Thanks and sorry for not following instructions to a T.
My System SpecsSystem Spec
13 Aug 2013   #16
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

I would use FRST.exe again to create a new log file when you place the hard drive back into the laptop.
My System SpecsSystem Spec
13 Aug 2013   #17
PowerTrader

Windows 7 Home Premium 64bit
 
 

Writing from the laptop. Just tried to run MSE from the laptop with no luck. Update is still blocked as well (same error as before). Attached is the updated FRST report.


Attached Files
File Type: txt FRST.txt (40.7 KB, 5 views)
My System SpecsSystem Spec
13 Aug 2013   #18
cottonball

Windows 7 Home Premium
 
 

Quote:
5 - I got skittish and used MSE to clean the threats from the enslaved HD (sorry I should of just following your recommendations)
6 Doing one last scan before I put it back into the laptop

My question now: Because I used MSE on the desktop to eliminate the threats, will my registry be fine, or do I have to make more changes once I put it back in the laptop?
The malware Registry entries are still there, as well as other ZeroAccess entries.

The way malware works nowadays, it is best not to slave a hard drive and run scans from another computer. There are other, more effective options.

VistaKing will look at the new FRST report and prepare a new fixlist. In it, there will also be commands to work on the MSE issue. Between FRST, FSS, and a ServicesRepair program, you should be OK.

Just hang in there.
My System SpecsSystem Spec
13 Aug 2013   #19
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

The new and old FRST.txt look the same . Run the fixlist posted on Post #6 then run the tools below


Download Services Repair

http://kb.eset.com/library/ESET/KB%2...icesRepair.exe

When done . Drag the file to your desktop

Right click on ServicesRepair.exe choose

Click on Yes or Continue . Once the tool has completed it will ask you to restart . Please restart the PC .

Then run FSS

Farbar Service Scanner

Click here Farbar Service Scanner to DOWNLOAD

Place the file onto your desktop

Right click on FSS.exe select

Place a check mark next to the following options
  • ⬜ Internet Services
  • ⬜ Windows Firewall
  • ⬜ System Restore
  • ⬜ Security Center
  • ⬜ Windows Update
  • ⬜ Windows Defender

Press the Scan button

Farbar Service Scanner will create a log, called FSS.txt, on the Desktop. Upload the FSS.txt with your reply
My System SpecsSystem Spec
13 Aug 2013   #20
PowerTrader

Windows 7 Home Premium 64bit
 
 

awesome, thanks! These malwares just keep getting more diabolical every year ...
My System SpecsSystem Spec
Reply

 Possible Zeroaccess infection: denied access to MSE, update error




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Error 5: Access is denied.
Hello, I have been getting Error 5: Access denied for a few days. I cannot install new programs; this error will always just pop up. I've scanned for viruses (a lot showed up, but were cleaned. My AV is Comodo.), tried a System Restore, but all my restore points are gone except for the ones...
General Discussion
Error- Access is Denied
I hope someone out there can help,as this is my last resort. Whenever I am attempting to install anything that I have downloaded, I receive this error message. "Error-Access is Denied" // (no error number) I have scoured the internet, and have tried everything that is out there. Turning...
General Discussion
Error 5: Access Denied
These pop up errors keep coming up even when my computer is just sitting there. I think it's linked to visual basic command line compiler. I'm thinking it's either a worm or that visual basic is malfunctioning and I should reinstall? I've tried 4 different antivirus programs (WSS, AVG, Avira,...
System Security
Error 5;access denied
I'm running Windows 7 x64 bit and over the last couple of days every 15-20 minutes I get an Error 5:access denied message for visual basic command line compiler. how do i fix this problem? i'm not really good with computers so the easiest way of doing this would be much appreciated.
BSOD Help and Support
Getting access denied error on folder
Hi, I just recently moved a folder out of a larger folder. The larger folder was part of the video library. Now when I got to the video library the folder I moved out of it is still there but now it won't let me open it or delete it. I believe it is empty because the new version is where it is...
General Discussion
Access denied error in win 7
If i try to save pdf files from opera to my E Drive, it show an access denied error... if try to save in my C Drive, it allows .... should be due to permission rights of windows 7.... how do i change them so tat i can directly save in to drives other than C drive ??
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 07:31.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App