000000CB.@ is Rootkit ZeroAccess

Rootkit 000000CB.@ is software that enables continued privileged access to a computer while actively hiding its presence.
Detection and removal of 000000CB.@ may be a very difficult process.
You should use anti-rootkit software to fix the 000000CB.@ problem.

Malware Analysis of 000000CB.@
Full path on a computer: %Local Appdata%3308c706U00000cb.@

Detected by RegRun Warrior:

000000CB.@
Default location: %Local Appdata%3308c706U00000cb.@

Removal Results: Success
Number of reboot: 1

000000CB.@ is known as:

Rootkit.ZeroAccess

000000CB.@ hash:

  • MD5: 6cad6d352150bf5df70ea2eff25e8bd3
How to quickly detect 000000CB.@ presence?

Registry:
  • HKLMSystemCurrentControlSetServicesse59nd5ParametersServiceDll: “%systemroot%system32CTSBLFX.DLL.dll”
Folders:
  • %WinDir%$NtUninstallKB3057$
Files:
  • %Local Appdata%3308c706@
  • %Local Appdata%3308c706U0000001.@
  • %Local Appdata%3308c706U00000c0.@
  • %Local Appdata%3308c706U00000cb.@
  • %Local Appdata%3308c706U00000cf.@
  • %Local Appdata%3308c706U80000000.@
  • %Local Appdata%3308c706U800000c0.@
  • %Local Appdata%3308c706U800000cb.@
  • %Local Appdata%3308c706U800000cf.@
  • %Local Appdata%3308c706X
  • %WinDir%assemblyGAC_MSILDesktop.ini
  • %SysDir%CTSBLFX.DLL.dll
  • %SysDir%dds_log_ad13.cmd

Fix it immediately!

Free Download

UnHackMe removes malware invisible for your antivirus!

Leave a Reply