Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Possible Zeroaccess infection: denied access to MSE, update error

14 Aug 2013   #31
PowerTrader

Windows 7 Home Premium 64bit
 
 

v3.000


My System SpecsSystem Spec
.
14 Aug 2013   #32
PowerTrader

Windows 7 Home Premium 64bit
 
 

Anything else or is this one officially solved!?
My System SpecsSystem Spec
14 Aug 2013   #33
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

That was a recent update . I have 2.306

Usually it says there is an update .

Ok on the new version 3.000 click on the Clean button
My System SpecsSystem Spec
.

14 Aug 2013   #34
PowerTrader

Windows 7 Home Premium 64bit
 
 

done and done, reports are a few posts back
My System SpecsSystem Spec
14 Aug 2013   #35
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Run Malwarebytes

Download Link MalwareBytes

When the installation is done uncheck Enable free trial of Malwarebytes (see image below )



Update the definitions and do a full scan

On the Scanner tab:
Make sure the "Perform Full Scan" option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply and exit MBAM.

Log looks like this : mbam-log-yyyy-mm-dd

Log located : C:\Users\{Your UserName}\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs or C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs
My System SpecsSystem Spec
14 Aug 2013   #36
PowerTrader

Windows 7 Home Premium 64bit
 
 

Looks clean:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.08.14.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Laura :: LAURA-PC [administrator]
8/14/2013 2:22:12 AM
mbam-log-2013-08-14 (02-22-12).txt
Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 427650
Time elapsed: 1 hour(s), 52 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
My System SpecsSystem Spec
14 Aug 2013   #37
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

<==== Download Link


<==== Download Link

Click on one of the links above that goes with your Windows 7 bit versions

Save to the Desktop.

Close all windows and browsers

Right click on and choose

Press: SCAN

provide the RKreport.txt (Mode: Scan) in your reply.
My System SpecsSystem Spec
14 Aug 2013   #38
PowerTrader

Windows 7 Home Premium 64bit
 
 

RogueKiller V8.6.5 _x64_ [Aug 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : Forum
Website : RogueKiller download
Blog : tigzy-RK
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Laura [Admin rights]
Mode : Scan -- Date : 08/14/2013 11:16:05
| ARK || FAK || MBR |
Bad processes : 0
Registry Entries : 4
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
Scheduled tasks : 0
Startup Entries : 0
Web browsers : 0
Particular Files / Folders:
Driver : [NOT LOADED 0x0]
External Hives:
Infection :
HOSTS File:
--> %SystemRoot%\System32\drivers\etc\hosts


MBR Check:
+++++ PhysicalDrive0: WDC WD2500BEVT-22A23T0 +++++
--- User ---
[MBR] 198eb29d567c674079b92f63af980bf1
[BSP] 658a376a6fa05f4157ead5a665eac855 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 13319 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27278370 | Size: 101 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27487215 | Size: 225052 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_08142013_111605.txt >>
My System SpecsSystem Spec
14 Aug 2013   #39
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Run RogueKiller and click on the Delete button .

Then run ESET Online Scanner

On
Hold down Control and click on ESET Online Scanner to open ESET OnlineScan in a new window
Click the button
Check YES, I accept the Terms of Use.
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.


On or
Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
Right click on choose on your desktop
Check YES, I accept the Terms of Use.
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.
My System SpecsSystem Spec
14 Aug 2013   #40
PowerTrader

Windows 7 Home Premium 64bit
 
 

Looks like there were 4 hits spotted. Should i just use the program to delete the things they have checked? Also i scanned my other computer with this and got the following report. Should i delete these items as well?

RogueKiller V8.6.5 _x64_ [Aug 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : Forum
Website : RogueKiller download
Blog : tigzy-RK

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Gary [Admin rights]
Mode : Scan -- Date : 08/14/2013 11:21:19
| ARK || FAK || MBR |

Bad processes : 0

Registry Entries : 3
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=garys-new-iphone.local:6666;hxxps=garys-new-iphone.local:6666;socks=garys-new-iphone.local:5050) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

Scheduled tasks : 0

Startup Entries : 0

Web browsers : 0

Particular Files / Folders:

Driver : [NOT LOADED 0x0]

External Hives:

Infection :

HOSTS File:
--> %SystemRoot%\System32\drivers\etc\hosts




MBR Check:

+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] 3e563a017354c810f067962b52ab80a0
[BSP] a79ace6571998e1b25f4ddc737abb8af : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 463738 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 952195072 | Size: 12000 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] b0dc430206e212e42b7598045d4ffa22
[BSP] 4be90e0173eda5250ea297ac98ccbdf5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 463738 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 952195072 | Size: 12000 Mo

Finished : << RKreport[0]_S_08142013_112119.txt >>
My System SpecsSystem Spec
Reply

 Possible Zeroaccess infection: denied access to MSE, update error




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Error 5: Access is denied.
Hello, I have been getting Error 5: Access denied for a few days. I cannot install new programs; this error will always just pop up. I've scanned for viruses (a lot showed up, but were cleaned. My AV is Comodo.), tried a System Restore, but all my restore points are gone except for the ones...
General Discussion
Error- Access is Denied
I hope someone out there can help,as this is my last resort. Whenever I am attempting to install anything that I have downloaded, I receive this error message. "Error-Access is Denied" // (no error number) I have scoured the internet, and have tried everything that is out there. Turning...
General Discussion
Error 5: Access Denied
These pop up errors keep coming up even when my computer is just sitting there. I think it's linked to visual basic command line compiler. I'm thinking it's either a worm or that visual basic is malfunctioning and I should reinstall? I've tried 4 different antivirus programs (WSS, AVG, Avira,...
System Security
Error 5;access denied
I'm running Windows 7 x64 bit and over the last couple of days every 15-20 minutes I get an Error 5:access denied message for visual basic command line compiler. how do i fix this problem? i'm not really good with computers so the easiest way of doing this would be much appreciated.
BSOD Help and Support
Getting access denied error on folder
Hi, I just recently moved a folder out of a larger folder. The larger folder was part of the video library. Now when I got to the video library the folder I moved out of it is still there but now it won't let me open it or delete it. I believe it is empty because the new version is where it is...
General Discussion
Access denied error in win 7
If i try to save pdf files from opera to my E Drive, it show an access denied error... if try to save in my C Drive, it allows .... should be due to permission rights of windows 7.... how do i change them so tat i can directly save in to drives other than C drive ??
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 11:46.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App