How to get rid of the rootkit/trojan ZeroAccess

First off, I'm running Windows XP.

My boyfriend and I got this computer from his family and ever since we've noticed it runs rather slow. The previous owners had told us that it had ran decently, but when we got it, this didn't seem to be the case. Internet Explorer in particular would crash or freeze up. Eventually we had to just install Firefox in order to use the internet at all. We've deleted files that weren't needed and most of the games that were on the computer, but that didn't seem to do anything. We had someone look at the computer and he suggested that it was the RAM.

I had my doubts, but as far as gaming went, he could've been right. But I suspected some form of Malware or Virus. When we signed up for Cox we got McAfee for free and it's done a pretty good job blocking programs and viruses but one in particular keeps popping up. ZeroAccess.

I've tried to manually delete it as well as having McAfee delete or quarantine it and it hasn't been able to do so. I researched it and found out why, the tricky little devil. Once I found it in my system32 folder it finally was quarantined but I don't think it actually was. The computer is still slow and will take about 20 minutes just to open up standard windows within the system. How can I get rid of this?

I can't afford to buy anything to wipe it out, as I am expecting a child in the next month and all our funds have been going to preparation, and would rather not have to start from scratch. However, I need this computer for school and so it is kind of a urgent matter and I'll do whatever it takes to make this run smoothly again. Any suggestions?

0 Kudos
2 Replies

Re: How to get rid of the rootkit/trojan ZeroAccess

One-on-one Malware Analysis/Removal is no longer done at the Dell Forums.  

Please follow the directions at http://spywarehammer.com/simplemachinesforum/index.php?topic=12262.0 to register and post the requested logs at spywarehammer.com ; there are expert helpers there who can "walk you through" procedures to analyze your system, and clean-up the infection.   All help provided there is FREE.   If you decide to go for help there, please wait for a response, and do NOT attempt to run any other scans/removers on your own --- do exactly what they instruct you to do, no more, no less.

Good luck!

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent, Secunia PSI.

[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos

Re: How to get rid of the rootkit/trojan ZeroAccess

Hi FadingAqueous,

Yes, removing ZA requires more than what McAfee can handle. Please follow ky331's suggestion to post at SpywareHammer. If you use the same username as here, I can ask one of the staff there to help you as soon as possible. The helpers there have access to special (free) tools that target ZeroAccess.

Windows Insider MVP 2016 -

Microsoft MVP - Consumer Security 2006-2016

Social Media and Community Professional

I am not a Microsoft or a Dell employee. I am a volunteer.


0 Kudos