PC viruses have plagued computer users for years now. No matter how advanced the antiviruses get or how smart they become, there is always that new virus doing the rounds of the internet that manages to fool every antivirus on the planet. Currently, the situation is almost same with the ZeroAccess virus. The ZeroAccess Virus Removal process can be tricky!

What Is ZeroAccess Virus

The Trojan.ZeroAccess.B is a virus belonging to the Sirefef family and employs rootkit techniques on the infected computer. Traditionally rootkit viruses are very hard to detect and remove and it is no exception with the ZeroAccess virus. It alters registry entries, shuts down antivirus protection, disables firewall and creates hidden files to launch itself. It is also known to unleash other malwares or viruses in the system to make defence mechanisms completely useless. It can also patch Windows driver files with its own code for malicious reasons. Some variants of the ZeroAccess are known to connect to remote computers and send your personal information to them.

How to Identify and Remove ZeroAccess Virus

The infection mainly spreads through different application downloads and attachments. Once inside the PC, it has the ability to completely take control of the systems. Rootkit viruses are the hardest to remove among all variations of viruses so it can be tricky to get rid of the ZeroAccess virus. But if not removed quickly it might result in loss of all the data in the Hard Disk.

There are some methods to remove the ZeroAccess available in the internet. The signs of infection by ZeroAccess includes sudden slowdown of the PC and applications, frequent pop ups while surfing the net and random redirection to unwanted sites. One of the trusted methods of removing the virus manually is fairly easy to perform and the instructions are as follows:

Restart your PC and press F8 to bring up Windows Advanced Options Menu. Select the “Safe Mode With Networking” option and press Enter.

Open the Task Manager by pressing Ctrl +Alt + Del and kill any processes created by the ZeroAccess virus.

Open run and type regedit. This will open the registry editor. Here you have to delete the malicious entries created by ZeroAccess virus. The following paths will have some entries created by the virus. Delete those entrties.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\random

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run\ random

Find and delete the C:\WINDOWS\assembly\GAC\Desktop.ini and C:\WINDOWS\system32\ping.exe files. This should take care of the ZeroAccess virus issue.

There is another option available to help you with the process killing and registry editing process in case you are not confident doing them. Just follow the steps mentioned below:

Open Internet Explorer and go to Options-> Connections-> Lan Settings and if the check box under proxy server is checked, uncheck it.

There are several tools available free on the internet, such as: Combofix, MalwareBytes, SuperAntiSpyware, and more.

But all the antivirus companies are working on it at 24/7 and a proper solution will be out soon. Till then stay safe, do not download unknown files and keep this tutorial handy.