Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: ZeroAccess? Virus Removal help Please!

29 Jul 2014   #11
zippo

Windows 7 Ultimate x64
 
 

I have 2 versions of windows 7 and both of them are clean DVD's. At this moment I don't have another machine to make another copy. Ive read alot of articles about some rootkits attaching themselves to the bios so reformatting and wiping the drive does no good. Im just wondering if maybe im the lucky one who has it in the bios? I've wiped the drive at least 5 times already and have re-installed windows about 10 times. I'll go run another diskpart and do a clean command. I'll be back soon to check back.


My System SpecsSystem Spec
29 Jul 2014   #12
zippo

Windows 7 Ultimate x64
 
 

ntoskrnl.exe has suspicious modifications according to gmer. Don't know if this helps you at all?
My System SpecsSystem Spec
01 Aug 2014   #13
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1 Pro
 
 

It's just a matter of figuring out where the re-infection is coming from. It could be the BIOS, but first examine all the other alternatives. Is it coming from infected files, if so, what is the source. If there is any way you can get to another clean PC & make a new Win 7 disk, that would eliminate one possible source.

One tool you can use to look at your HDD is GParted. It is a boot partition editor. If you are infected, the rootkit will show up as a hidden boot partition at the end of the drive, usually between 1 - 10 MB. With this tool you can eliminate this partition. Be sure to read the documentation.

GParted -- A free application for graphically managing disk device partitions
My System SpecsSystem Spec
01 Aug 2014   #14
BugMeister

64-Bit W7 Ult_sp1
 
 

You could try running Windows Defender Offline, once you've got the OS installed..
the virus is obviously re-initializing, so you've got to isolate it before it starts up..
My System SpecsSystem Spec
01 Aug 2014   #15
jumanji

Windows 7 Home Premium 32 bit
 
 

It is easy for ZeroAccess virus to come back if one is not thoughtful and prudent. ZeroAccess rootkit virus can return resorting to autorun.inf and other correspondent virus programs generated in local hardware, memory stick or external hard drive with automatic playback function. So you need to sanitize all external devices you connect to your PC apart from your other internal drives.
My System SpecsSystem Spec
Reply

 ZeroAccess? Virus Removal help Please!




Thread Tools





Similar help and support threads
Thread Forum
Virus Removal
Just bought a laptop pretty decently priced even with the virus problem. I am just having problems getting rid of this one. It has content explorer which sets up proxy so after disabling it i can not get on net to install removal sofware. It has wb.exe, pc health, a password viewer, scorpion...
System Security
Power icon missing after removal ZeroAccess rootkit
I removed this nasty from my cousin's laptop about 5 months ago w/ a combination of RKill, Farbar's Service Scanner, Eset Sirifef tool & services repair, ComboFix, MBAM.... and a couple others. One of the residual problems was Action Center was missing from the notification area and I was able to...
General Discussion
Want ideas for Virus removal if virus shows up in safemode CMD
Hi, Looking for general ideas on how everyone else handles a strong virus. If the virus is showing up in Windows regular mode, it opens in safemode and opens in safmode with command prompt. Besides the usual such as boot to repair mode and use system restore, dock hard drive to another pc and...
System Security
Virus Removal
My Microsoft Security Essentials keeps alerting me to something called: Name: Exploit:HTML/IframeRef.gen Alert Level: Severe I click remove but sometime later the message pops up again saying to remove. I have clicked remove quite enough times now but still the pop-up appears. I have also...
System Security
need some info on virus removal
when you take it to a store to remove a virus what and how do they do it ? do they use a antivirus program to scan the pc and remove the virus ? do they reinstall windows with a used or new windows install disk ? im thinking of posting on craigslist that i could do this for people i have not...
System Security
After Virus Removal
After virus removal, this message has been popping up every time I start the computer. What do I do to restore these two DLL files? Startup repair has done nothing and I don't want to system restore because I just installed tons of drivers.
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 18:13.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App