How to get rid of the rootkit/trojan ZeroAccess


This question is not answered

First off, I'm running Windows XP.

My boyfriend and I got this computer from his family and ever since we've noticed it runs rather slow. The previous owners had told us that it had run decently, but when we got it, this didn't seem to be the case. Internet Explorer in particular would crash or freeze up. Eventually we had to just install Firefox in order to use the internet at all. We've deleted files that weren't needed and most of the games that were on the computer, but that didn't seem to do anything. We had someone look at the computer and he suggested that it was the RAM.

I had my doubts, but as far as gaming went, he could've been right. But I suspected some form of Malware or Virus. When we signed up for Cox we got McAfee for free and it's done a pretty good job blocking programs and viruses but one in particular keeps popping up. ZeroAccess.

I've tried to manually delete it as well as having McAfee delete or quarantine it and it hasn't been able to do so. I researched it and found out why, the tricky little devil. Once I found it in my system32 folder it finally was quarantined but I don't think it actually was. The computer is still slow and will take about 20 minutes just to open up standard windows within the system. How can I get rid of this?

I can't afford to buy anything to wipe it out, as I am expecting a child in the next month and all our funds have been going to preparation, and would rather not have to start from scratch. However, I need this computer for school and so it is kind of an urgent matter and I'll do whatever it takes to make this run smoothly again. Any suggestions?

All Replies
  • One-on-one Malware Analysis/Removal is no longer done at the Dell Forums.  

    Please follow the directions at http://spywarehammer.com/simplemachinesforum/index.php?topic=12262.0 to register and post the requested logs at spywarehammer.com; there are expert helpers there who can "walk you through" procedures to analyze your system and clean up the infection. All help provided there is FREE. If you decide to go for help there, please wait for a response, and do NOT attempt to run any other scans/removers on your own --- do exactly what they instruct you to do, no more, no less.

    Good luck!

    Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

    Windows 7 Pro SP1 (64-bit), avast! v8 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, EMET+MBAE, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [set to BLOCK]; KeyScrambler for IE), CryptoPrevent, Secunia PSI.

    [I believe computer-users who sandbox (Sandboxie) are acting prudently.]

  • Hi FadingAqueous,

    Yes, removing ZA requires more than what McAfee can handle. Please follow ky331's suggestion to post at SpywareHammer. If you use the same username as here, I can ask one of the staff there to help you as soon as possible. The helpers there have access to special (free) tools that target ZeroAccess.


     

    Microsoft MVP - Consumer Security
    Social Media and Community Professional
    SpywareHammer

    I am not a Microsoft or a Dell employee. I am a volunteer.