Author Topic: Help deleting Rootkit.ZeroAccess  (Read 43838 times)

0 Members and 1 Guest are viewing this topic.

LaLuz

  • Guest
Re: Help deleting Rootkit.ZeroAccess
« Reply #15 on: December 22, 2012, 11:16:43 PM »
The computer is pretty much the same. 

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Help deleting Rootkit.ZeroAccess
« Reply #16 on: December 23, 2012, 10:20:29 AM »
OK lets dive deep

The zip folder that this creates will need to be uploaded to a file sharing site for me to collect

Download AVPTool from Here to your desktop
 
Run the programme you have just downloaded to your desktop ( it will be randomly named )
 
First we will run a virus scan
On the first tab select all elements down to Computer and then select start scan 
Once it has finished select report and post that.


 
[color="#FF0000"]Do not close AVPTool or it will self uninstall, if it does uninstall - - then just rerun the setup file on your desktop[/color]
 
Now an analysis scan
Select the Manual Disinfection tab 
Press the Gather System Information button 
Once done Open the last report saved folder  then attach the zip file to your next post zip 
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip
 


Offline A. User

  • Sr. Member
  • ****
  • Posts: 388
Re: Help deleting Rootkit.ZeroAccess
« Reply #17 on: December 23, 2012, 11:27:18 AM »
Hi LaLuz,
Download and run Kaspersky TDSS Killer- http://support.kaspersky.com/viruses/solutions?qid=208283363 it requires no installation! If you can't open programs download Rkill- http://www.bleepingcomputer.com/download/rkill/ it has many extensions, not only .exe ! After running it do not restart your computer and try to run Malwarebytes- http://www.malwarebytes.org/products/malwarebytes_free/ or Hitman pro- http://www.surfright.nl/en/hitmanpro/ If Rkill can't help you try Rogue Killer- http://tigzy.geekstogo.com/roguekiller.php If this can't help you restart in safe mode with networking and try again!
Hope this helps!

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Help deleting Rootkit.ZeroAccess
« Reply #18 on: December 23, 2012, 12:19:07 PM »
@liubomirwm what will that achieve, the MBR is clean, there are no run keys associated with malware, Hitmanpro has a record of killing systems.   Why do you propose these ?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88899
  • No support PMs thanks
Re: Help deleting Rootkit.ZeroAccess
« Reply #19 on: December 23, 2012, 02:17:02 PM »
@ liubomirwm
What essexboy it probably too polite to say, is that only qualified malware removal specialists should give removal advice in the viruses and worms forum.

Considering I had only posted the same thing in Reply #13 for graham55, even more so does this apply as it also indicates you didn't read the topic.

Please refrain from offering advice on cleaning in the viruses and worms forum thank you.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline A. User

  • Sr. Member
  • ****
  • Posts: 388
Re: Help deleting Rootkit.ZeroAccess
« Reply #20 on: December 23, 2012, 03:07:26 PM »
Have you read the netiqette- "Never ever try to look like or act as AVAST Software a.s. employee if you are not." You can read it here: http://forum.avast.com/index.php?topic=93015.msg740725#msg740725 The forum administrators will review your replies! Because i am a registered member of the forum i CAN write in the whole forum!!!
« Last Edit: December 23, 2012, 03:14:43 PM by liubomirwm »

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Help deleting Rootkit.ZeroAccess
« Reply #21 on: December 23, 2012, 03:25:42 PM »
Quote from:  link=topic=111512.msg877413#msg877413 date=1356271646
Have you read the netiqette- "Never ever try to look like or act as AVAST Software a.s. employee if you are not." You can read it here: http://forum.avast.com/index.php?topic=93015.msg740725#msg740725 The forum administrators will review your replies! Because i am a registered member of the forum i CAN write in the whole forum!!!
You can also be banned when you don't follow rules or, give advice when you're not qualified to do so.
The first rule here is "Do no harm". Keep that in mind before you reply.
Leave Malware removal to those that are qualified and certified to do so.

« Last Edit: December 14, 2021, 12:13:19 PM by Eva137 »
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Help deleting Rootkit.ZeroAccess
« Reply #22 on: December 23, 2012, 03:30:06 PM »
Quote from:  link=topic=111512.msg877413#msg877413 date=1356271646
1. Have you read the netiqette- "Never ever try to look like or act as AVAST Software a.s. employee if you are not."
2. The forum administrators will review your replies!
3. Because i am a registered member of the forum i CAN write in the whole forum!!!

1. And who does so..?? ??? ::)
2. Aha. OK.
3. Well, sure you can. But unless you are a certified expert, you shouldn't give advice in V&W.
« Last Edit: December 14, 2021, 12:13:08 PM by Eva137 »
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline A. User

  • Sr. Member
  • ****
  • Posts: 388
Re: Help deleting Rootkit.ZeroAccess
« Reply #23 on: December 23, 2012, 03:59:52 PM »
Who certified you? You should stop argue NOW!  ;D >:( 8)

PS.: I won't be banned because i follow the rules.
« Last Edit: December 23, 2012, 04:01:52 PM by liubomirwm »

Offline CraigB

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 11239
  • No support PM's thanks
Re: Help deleting Rootkit.ZeroAccess
« Reply #24 on: December 23, 2012, 04:14:50 PM »
Quote from:  link=topic=111512.msg877432#msg877432 date=1356274792
Who certified you? You should stop argue NOW!  ;D >:( 8)

PS.: I won't be banned because i follow the rules.
The rules of posting help in the viruses and worms section by un-qualified persons has already been explained as not allowed so please adhere to this for your own benefit as like others have already stated " you could be banned " for disrupting.
« Last Edit: December 14, 2021, 12:12:54 PM by Eva137 »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: Help deleting Rootkit.ZeroAccess
« Reply #25 on: December 23, 2012, 04:16:58 PM »
Quote
PS.: I won't be banned because i follow the rules.
time will tell.....

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Help deleting Rootkit.ZeroAccess
« Reply #26 on: December 23, 2012, 06:00:33 PM »
Quote from:  link=topic=111512.msg877432#msg877432 date=1356274792
PS.: I won't be banned because i follow the rules.

Rules..!!?? You're talking about rules, while you're trying to use cracked (yes, we know) software ..!! ::) >:(

PS: Forum rules have been updated..!!! :P

  • Do not harm by advice - especially in virus removal threads advice only if you know what will be the result.
« Last Edit: December 14, 2021, 12:12:40 PM by Eva137 »
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline A. User

  • Sr. Member
  • ****
  • Posts: 388
Re: Help deleting Rootkit.ZeroAccess
« Reply #27 on: December 23, 2012, 06:08:44 PM »
wtf wtf?!?! What cracked software man- are you crazy? I have told you to stop argue.

Offline CraigB

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 11239
  • No support PM's thanks
Re: Help deleting Rootkit.ZeroAccess
« Reply #28 on: December 23, 2012, 06:16:18 PM »
Quote from:  link=topic=111512.msg877468#msg877468 date=1356282524
wtf wtf?!?! What cracked software man- are you crazy? I have told you to stop argue.
Maybe the cracked avast license you've discussed on the PirateBay and a cracked version of windows 7 that you have seeked help for at answers.microsoft.com.

We see all ;D
« Last Edit: December 14, 2021, 12:12:26 PM by Eva137 »

Offline A. User

  • Sr. Member
  • ****
  • Posts: 388
Re: Help deleting Rootkit.ZeroAccess
« Reply #29 on: December 23, 2012, 06:38:09 PM »
Craigb tell your friend Martin that the rules are the same. Of course you see all- because you search all. Look below my nickname - im WATCHED like you
« Last Edit: December 23, 2012, 06:41:12 PM by liubomirwm »