Windows 7 Forums



Windows 7: ZEROACCESS rootkit symptoms found, and missing some Services

28 Oct 2014   #11
rusl07cl08

Windows 7 Ultimate x64 7600 Multiprocessor Free
 
 

Quote: Originally Posted by Kaktussoft
Download and run Windows Repair (All In One)
Do at least test 1,3,26,17,6 and reboot afterwards.
After that run the tests again as you did in #1 and post the results
Done. I think it's somehow fixed my problems. This is the result:

Code:
Checking for processes to terminate:
 * C:\ProgramData\DatacardService\DCService.exe (PID: 1496) [AU-HEUR]
 * C:\ProgramData\DatacardService\DCSHelper.exe (PID: 2864) [AU-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:
 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:
 * ALERT: ZEROACCESS rootkit symptoms found!

     * C:\Windows\Installer\{2b524474-7c58-2ccb-2efa-8d9df2ff344d}\ [ZA Dir]
     * C:\Windows\Installer\{2b524474-7c58-2ccb-2efa-8d9df2ff344d}\L\ [ZA Dir]
     * C:\Windows\Installer\{2b524474-7c58-2ccb-2efa-8d9df2ff344d}\L\00000004.@ [ZA File]
     * C:\Windows\Installer\{2b524474-7c58-2ccb-2efa-8d9df2ff344d}\L\201d3dde [ZA File]
     * C:\Windows\Installer\{2b524474-7c58-2ccb-2efa-8d9df2ff344d}\L\76603ac3 [ZA File]
     * C:\Windows\Installer\{2b524474-7c58-2ccb-2efa-8d9df2ff344d}\U\ [ZA Dir]

Checking Windows Service Integrity: 
 * No issues found.

Searching for Missing Digital Signatures: 
 * No issues found.
And thank you for that.
By the way, during the tweaking repairs, I encountered a BSOD displaying:

Code:
PAGE_FAULT_IN_NONPAGED_AREA
Technical Information:
*** win32k.sys - Address FFFFF9600018354B base at FFFFF960000C0000, DateStamp 54163648
Regarding this:
Quote: Originally Posted by Kaktussoft
* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

=>quite normal. I think you have another virus scanner running(?) You have Microsoft Security Essentials installed?
After the tweaking repairs, I started my Windows Defender and it is now updating. Thanks! I don't have MS Security Essentials. My AV is ESET Smart Security 5.


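An added example, not part of the original thread or of the scanning tool: a small Python parser for a log in the layout quoted in the post above, which groups the `[ZA Dir]`/`[ZA File]` hits by their `{GUID}` folder so the leftovers can be compared between scans. The function names are assumptions for illustration, and the embedded sample is an excerpt of the quoted log.

```python
import re
from collections import defaultdict

# Excerpt of the log quoted in the post above, embedded as sample input.
SAMPLE_LOG = r"""Checking for processes to terminate:
 * C:\ProgramData\DatacardService\DCService.exe (PID: 1496) [AU-HEUR]

Performing miscellaneous checks:
 * ALERT: ZEROACCESS rootkit symptoms found!

     * C:\Windows\Installer\{2b524474-7c58-2ccb-2efa-8d9df2ff344d}\ [ZA Dir]
     * C:\Windows\Installer\{2b524474-7c58-2ccb-2efa-8d9df2ff344d}\L\00000004.@ [ZA File]
     * C:\Windows\Installer\{2b524474-7c58-2ccb-2efa-8d9df2ff344d}\U\ [ZA Dir]

Checking Windows Service Integrity:
 * No issues found.
"""

SECTION = re.compile(r"^(\S.*?):\s*$")          # unindented line ending in ':'
ENTRY = re.compile(r"^\s*\*\s+(?P<path>[A-Za-z]:\\.*?)\s*"
                   r"(?:\(PID:\s*(?P<pid>\d+)\))?\s*\[(?P<tag>[^\]]+)\]\s*$")
GUID_ROOT = re.compile(r"^(.*?\\\{[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}"
                       r"-[0-9a-fA-F]{12}\})\\")

def parse_scan_log(text):
    """Return one dict per tagged path: section, path, tag, pid (or None)."""
    findings, section = [], None
    for line in text.splitlines():
        if (m := SECTION.match(line)):
            section = m.group(1)
        elif (m := ENTRY.match(line)):
            pid = m.group("pid")
            findings.append({"section": section, "path": m.group("path"),
                             "tag": m.group("tag"),
                             "pid": int(pid) if pid else None})
    return findings

def zeroaccess_roots(findings):
    """Group [ZA Dir]/[ZA File] hits by the {GUID} folder they sit under."""
    roots = defaultdict(lambda: {"dirs": [], "files": []})
    for f in findings:
        if f["tag"] in ("ZA Dir", "ZA File"):
            m = GUID_ROOT.match(f["path"])
            root = m.group(1) if m else f["path"]
            roots[root]["dirs" if f["tag"] == "ZA Dir" else "files"].append(f["path"])
    return dict(roots)

if __name__ == "__main__":
    for root, hits in zeroaccess_roots(parse_scan_log(SAMPLE_LOG)).items():
        print(root, len(hits["dirs"]), "dirs,", len(hits["files"]), "files")
```

Running the same functions over the logs from before and after a repair shows whether the set of flagged paths under each folder has changed.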
29 Oct 2014   #12
Kaktussoft

Microsoft Community Contributor Award Recipient

Microsoft Windows 7 Home Premium 64-bits 7601 Multiprocessor Free Service Pack 1
 
 

So the repair seems to fix the issue....nice.
Did you rerun it after the BSOD?

BSOD: I don't know why it crashed
29 Oct 2014   #13
rusl07cl08

Windows 7 Ultimate x64 7600 Multiprocessor Free
 
 

Quote: Originally Posted by Kaktussoft
So the repair seems to fix the issue....nice.
Did you rerun it after the BSOD?

BSOD: I don't know why it crashed
Yeah. The result is what I posted above. Thanks!