Xp damaged after removing rootkit.zeroaccess

Discussion in 'Software' started by Tarifa_Pirate, Nov 17, 2011.

  1. Tarifa_Pirate

    Tarifa_Pirate Private E-2

    Hi all, This is my first post and I am sure will not be my last lol

    I have a friends XP SP3 pro desktop that got infected with the Rootkit.zeroaccess virus plus a few others.
    I removed them using a kaspersky boot rescue cd and also ran malwarebytes and combofix.
    My problems started after rebooting back into xp the explorer.exe errored and even trying to start using task manager run command gave the same error i tried for hours to find a way to fix this error but gave up and did a xp repair using a XP SP2 pro disk that he had.
    the repair errored on access denied copying the following xp files during the repair install:
    cmmgr32.exe
    migwix.exe
    muzapp.exe
    xpsviewer.exe
    when the repair finished xp booted to the desktop all icons were back but no taskbar (or off the bottom of the screen)
    my problem now is I cannot install SP 3 because the cryptograghic service is not running also the RPC service is not running (could not start the RPC service access is denied error 5)
    Opening services i can see that alot of services are not running infact only about 12 are running.

    It is not possible to right click properties on the services (nothing happens).
    I managed to get the pc back on the internet using winsockfix
    I think also the nvidia drivers are now damaged or corrupted but cannot install or uninstall nearly anything because i get the error windows installer may be running in safe mode.
    error your version of vbalsgrid6.ocx may be outdated now when trying to run malwarebytes.

    basically its a big mess and i dont know where to go from here. I cannot do a fresh re-install as my friend has loads of programs that he has had for years that he cannot get again. and a lot of user settings for those programs.

    any suggestions please.

    I have at my disposal a UBCD4win and another xp pro sp3 desktop that im typing this on.

    I was thinking of running a repair using my oem xp pro sp3 cd to see if it improves anything?
     
  2. tgell

    tgell Major Geek Extraordinaire

  3. Tarifa_Pirate

    Tarifa_Pirate Private E-2

    Ok did the XP repair using my SP3 pro oem cd but during the copying files part the following files could not be copied and I pressed Esc to bypass them. CD is not scratched and the dvd drive is ok.
    so I assume there is another reason these particular files were not allowed to be copied onto the drive?

    Can anybody see a pattern here as to why these files were not copied.

    @25%
    Cmnicfg.xml
    dwil1033.dll
    ipcfg.xml
    kodak_dc.icm
    osinfo.xml
    potscfg.xml
    pppcfg.xml
    srgb.icm
    is330.icm

    @70%
    cscript.mui
    jscript.mui
    mmc3or.dll
    mmcexr.dll
    mmcfxcr.dll
    msscript.mui

    @80%
    ndisnpp.dll
    nppagent.exe
    scrobj.mui
    scrun.mui
    vbscript.mui
    wscript.mui

    wshext.mui
    wshom.mui
    archvapp.inf
    cobramsg.dll
    guitrn.dll
    guitrna.dll
    iconlib.dll
    log.dll
    migapp.inf
    migism.inf
    migism.dll
    migload.exe
    migsys.inf
    miguser.inf
    migwix.exe
    migwiza.exe
    migwiz.inf
    migwiz.man
    script.dll
    scripta.dll
    sysfiles.inf
    sysmod.dll

    surprised it loads with that lot missing lol
     
  4. Tarifa_Pirate

    Tarifa_Pirate Private E-2

    upon reboot says could not load installer for cd, disk, wireless card, nvidia,
    also a copy error
    an error ocurred while copying file migregdb.ex_
    lhmstsc.mui

    now a whole load of files failed to copy during installing start menu items
     
  5. Tarifa_Pirate

    Tarifa_Pirate Private E-2

    I ended up backing up everything using UBCD and then format and re-installing just for other people reference these virus's are a nightmare to remove and even if you do you can be sometimes left with a OS full of errors. I have recommended to my friends he pays 40euros and puts Eset smart security on his system like i use its much better than the free ones.

    thanks everyone for help.
     
  6. BILLMCC66

    BILLMCC66 Bionic Belgian

    There is no need to pay 40$ for Eset all you need is one of the free Antivirus that most of us use.
    I use Avast free on one PC and Microsoft security essentials on the other that combined with microsofts own firewall give me excellent protection but the need for safe surfing can not be stressed enough as this is the main cause of malware.

    http://www.majorgeeks.com/Avast_Free_Edition_d1968.html

    http://windows.microsoft.com/en-US/windows/products/security-essentials

    This is worth a read.

    http://forums.majorgeeks.com/showthread.php?t=44525
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds