Remove Trojan.Zeroaccess
Removal instructions

Trojan.Zeroaccess is also known as Trojan.Zeroaccess.B, Trojan.Zeroaccess.C, Trojan.Zeroaccess!inf4, max++ | Type: Trojans | Tags: ZeroAccess
Severity scale:  
Trojan.ZeroAccess is a Trojan horse that hides itself in the system with the help of the advanced ZeroAccess rootkit. Mostly, this trojan is used to open the backdoors of the compromised PC, download malware programs and even create a hidden file system which allows it to store all its components. Besides, it is also capable to update itself through peer-to-peer networks what helps for its authors to improve Trojan.Zeroaccess and add more functionality. It's named as Zeroaccess because of the string found in its kernel driver code, which points to the ZeroAccess, the original project's, folder. However, you can also find it named as max++.

There are several ways how you can get infected with Trojan.ZeroAccess or one of its modified versions. It may come from the websites that host Trojan.Zeroaccess, with a help of browser redirections to the same compromised websites, Blackhole Exploit Toolkit or the Bleeding Life Toolkit that both have powerful set of exploits. Note that there are many versions of this trojan, like Trojan.Zeroaccess!kmem, Trojan.Zeroaccess.B, Trojan.zeroaccess!inf, Trojan.Zeroaccess!inf2, Trojan.Zeroaccess!inf3, Trojan.Zeroaccess.C, Trojan.Zeroaccess!inf4
or the latest Trojan.Zeroaccess!gen10 and Trojan.Zeroaccess!gen11..

As soon as it gets inside the target PC, Trojan.ZeroAccess downloads an application that starts monitoring victim's Web searches and redirects search results. This is done for making the money through pay-per-click advertising. Besides, Trojan.ZeroAccess is also capable to download other threats, like rogue applications or malware. These scams work on displaying for the user invented information about threats found and then push them to purchase licensed version. Opening a back door of the system and connecting it to a command and control (C&C) server is also a simple task for this trojan. This allows for the attacker to get the access to the compromised computer and perform various unwanted actions on the PC.


There are several ways how you can remove trojan.ZeroAccess. Firstly you can try to download anti-malware and anti-virus programs. In this case, we recommend SpyHunter and STOPzilla. However, you can try running Hitman Pro or Kaspersky as well. If you are blocked by ZeroAccess, firstly you should use anti-rootkit tools and then anti-malware programs. Finally, you can try using thebootable CDs. However, note that that's the most difficult way to remove Trojan.ZeroAccess and you should contact the professional to help you with this method if you don't have enough knowledge about system's architecture.

Automatic Trojan.Zeroaccess removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Trojan.Zeroaccess you agree with our Privacy Policy and Agreement of Use.
remover for Trojan.Zeroaccess
Compatible with OS X
Webroot SecureAnywhere AntiVirus is recommended remover to uninstall Trojan.Zeroaccess. You should confirm using free trial that it detects current version of parasite.
Not using OS X? Download a remover for Windows.
Do it now!
remover for Trojan.Zeroaccess Happiness
Compatible with Microsoft
SpyHunter is recommended remover to uninstall Trojan.Zeroaccess. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove Trojan.Zeroaccess using Webroot SecureAnywhere AntiVirus SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.

Alternate Software

We are testing STOPzilla's efficiency at removing Trojan.Zeroaccess (2012-08-08 08:13:51)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing Trojan.Zeroaccess (2012-08-08 08:13:51)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing Trojan.Zeroaccess (2012-08-08 08:13:51)
Zemana Antimalware
Virus Removal Phone Support
Help Line to remove Trojan.Zeroaccess

Geolocation of Trojan.Zeroaccess

Map reveals the prevalence of Trojan.Zeroaccess. Countries and regions that have been affected the most are: United States.

Removal guides in other languages

Information added: 09/14/12 07:38; information updated: 09/14/12 07:38

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Comments on Trojan.Zeroaccess

If this virus is so dangerous and I want to try this product but asking for my CC how can I process the purchase? I am afraid my information be collected!
Used Spyhunter in the attempt of removing the Trojan.Zeroaccess. Spyhunter indicated the virus was isolated and deleted, however, upon running a second scan with McAfee, the virus remained/ Stored under C:WINDOWSassemblyGAC_32Desktop.ini. I still cant get rid of it. I try to access the file in Safe Mode in attempt to delete it....It prompts me that access is denied. I am lost. I need help.
My wifes PC had ZeroAccess. If her PC was on and connected to the network, all other PCs (family of five) on the network ground to a halt re. internet traffic. The first clue it was a virus and not a network component issue, was the fact that the MS Security Essentials (Win XP SP3) service had been halted inexplicably on my wifes PC, and the service would not restart. It was impossible to update Malwarebytes or to get MS Security Essentials running.

I booted from an Ultimate Boot CD for Windows (UCB4WIN) which I created years ago to remove a virus I had encountered a few years ago. I used Registry Restore to bring back the registry from a few days prior to the infection. (I have lost faith entirely in Windows System Restore, I dont even bother trying to use it anymore.) I then rebooted into Windows, and could update Malwarebytes. A full scan revealed "Trojan.0Access". Malwarebytes removed most of it, but suspicious folders remained in C:Recycler. RogueKiller was able to delete everything. I took the time to run CCleaner as well, cleaning over 5 GB of junk of the PC. Also updated MS Security Essentials.

Post a comment

Attention: Use this form only if you have additional information about Trojan.Zeroaccess parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)
Like us on Facebook
Recent Malware
Read on mobile
Press Mentions
I failed to remove Trojan.Zeroaccess using SpyHunter.


add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!