Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

ZeroAccess TROJAN - oracleorahomeclientcache.dll [Closed]


  • This topic is locked This topic is locked

#1
TINMAN69

TINMAN69

    New Member

  • Member
  • Pip
  • 2 posts
Hi, Thanks in advance .
DELL Win XP Prof 2002 SP3 Pentium 4 2.66 1g RAM
Mcafee reported Trojan . Tried quarantine . Reboot safe mode, removal . No luck. Researching and have DL'd the following files so far :

FRST , Combofix , NBISbeta DLer. Roguekiller , GMER ,Fixzeroaccess , WP setup, CCsetup28, mbr , aswmbr, ETC

Need to buy a CD=R to burn to so it will not infect a flash card .
Any help on where to start will be appreciated .

Ken
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi first we will have a look and then try to remove it

Download OTL to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

    Posted Image
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    winsock.*
    /md5stop
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

THEN

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#3
TINMAN69

TINMAN69

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
tHANKS FOR oops fast reply Essex Boy !!. Should have mentioned before that the Desktop I am trying to fix has No internet access . IDK if that is a problem or not.
Tinman


Also, The Kodak CD-r 52x i bought for this gets ejected , and get an error prompt that states it is not compatible with my computer . Max speed option is 24x on my Laptop.
Is it safe to use a DVD-r 4x write speed with Live file to read and write or should I use MasterFile which, I believe , closes the disc preventing infected Comp from altering it ?
Also if I use my Sandisk flash card that I use for my camera a Safe Option to go back and forth ? To post the Logs you require ?
Or should (if the DVD-r is also safe to go back and forth to my Uninfected laptop ?)


Thanks , Ken
PS just tried a DVD-r , but apparently this system is so old it only Takes CD-48x and 3 1/2" Floppy, LOL
May have a USB port, so would a USB stick be a safe option to transfer between UnInfected Laptop and Infected Computer ??


Thanks , Ken

Edited by TINMAN69, 13 March 2013 - 12:26 PM.

  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You may put it on the sansdisc as you are only copying text files from the affected computer and nothing else. As of now zero access does not copy itself to removable drives
  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP