Also known as: Trojan.Zeroaccess.B, Trojan.Zeroaccess.C, Trojan.Zeroaccess!inf4, max++
Severity scale: (47 / 100)
- Trojan.ZeroAccess is a Trojan horse that hides itself in the system with the help of the advanced ZeroAccess rootkit. Mostly, this trojan is used to open the backdoors of the compromised PC, download malware programs and even create a hidden file system which allows it to store all its components. Besides, it is also capable to update itself through peer-to-peer networks what helps for its authors to improve Trojan.Zeroaccess and add more functionality. It's named as Zeroaccess because of the string found in its kernel driver code, which points to the ZeroAccess, the original project's, folder. However, you can also find it named as max++.
- or the latest Trojan.Zeroaccess!gen10 and Trojan.Zeroaccess!gen11..
There are several ways how you can get infected with Trojan.ZeroAccess or one of its modified versions. It may come from the websites that host Trojan.Zeroaccess, with a help of browser redirections to the same compromised websites, Blackhole Exploit Toolkit or the Bleeding Life Toolkit that both have powerful set of exploits. Note that there are many versions of this trojan, like Trojan.Zeroaccess!kmem, Trojan.Zeroaccess.B, Trojan.zeroaccess!inf, Trojan.Zeroaccess!inf2, Trojan.Zeroaccess!inf3, Trojan.Zeroaccess.C, Trojan.Zeroaccess!inf4
- As soon as it gets inside the target PC, Trojan.ZeroAccess downloads an application that starts monitoring victim's Web searches and redirects search results. This is done for making the money through pay-per-click advertising. Besides, Trojan.ZeroAccess is also capable to download other threats, like rogue applications or malware. These scams work on displaying for the user invented information about threats found and then push them to purchase licensed version. Opening a back door of the system and connecting it to a command and control (C&C) server is also a simple task for this trojan. This allows for the attacker to get the access to the compromised computer and perform various unwanted actions on the PC.
HOW CAN YOU REMOVE TROJAN.ZEROACCESS
There are several ways how you can remove trojan.ZeroAccess. Firstly you can try to download anti-malware and anti-virus programs. In this case, we recommend SpyHunter and STOPzilla. However, you can try running Hitman Pro or Kaspersky as well. If you are blocked by ZeroAccess, firstly you should use anti-rootkit tools and then anti-malware programs. Finally, you can try using thebootable CDs. However, note that that's the most difficult way to remove Trojan.ZeroAccess and you should contact the professional to help you with this method if you don't have enough knowledge about system's architecture.
Automatic Trojan.Zeroaccess removal:
It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
and Agreement of Use
We are testing STOPzilla's efficiency at removing Trojan.Zeroaccess
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing Trojan.Zeroaccess
We are testing XoftSpySE Anti Spyware's efficiency at removing Trojan.Zeroaccess
We are testing Defender Pro Ultimate's efficiency at removing Trojan.Zeroaccess
what to do if you failed to remove the infection?
Help Line to remove Trojan.Zeroaccess
Geolocation of Trojan.Zeroaccess:
This map reveals the prevalence of Trojan.Zeroaccess. Countries and regions that have been affected the most are: United States.
QR code for Trojan.Zeroaccess removal instructions:
QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.
The reason we add QR code to the website is that parasites like Trojan.Zeroaccess are really hard to remove on infected computer.
you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall Trojan.Zeroaccess right in your pocket.
Simply use the QR scanner and read removal instructions from mobile device.
Removal guides in other languages
Information added: 2012-09-14 07:38:06
Information updated: 2012-09-14 07:38:06
Attention: If you know know a reputable website reated to security threats, please add a link here: add
Like us on Facebook
Latest spyware news:
Subscribe to spyware news
Spreading the knowledge:
It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!