
Help have a virus..


    Help have a virus..

    Malwarebytes keeps finding this and I have to restart to delete it, but when I do that and run the scan again it's still there.

    Trojan.Zaccess HKLM\SYSTEM\CurrentControlSet\Services\gupdate

    I have googled and all I get is forums posting loads of data and very detailed explanations of how to remove this, which I don't really understand.

    Q. Is it dangerous and can I remove it simply?

    PLEASE HELP

    ty

    lappie auto shut down as I was using it with something similar to this, I switched off and on and it's working now but worried


    #2
    pm Bubbleking.



      #3
      It's fairly nasty.
      If you find following the removal instructions a bit daunting, would you prefer reformatting the drive and reinstalling the OS?
      Unless you have data you need to recover I'd be inclined to do a reinstall.
      Turning millions into thousands



        #4
        lappie is a few years old and I don't have the OS disc


          #5
          If it is running Windows Vista or later, it should have a recovery partition that you can enable at startup and there is no need for a disc. Usually F8, F10 or F12 at startup. Google your computer model and see what the recovery key is.


            #6
            Originally posted by Strewelpeter
            It's fairly nasty.
            If you find following the removal instructions a bit daunting, would you prefer reformatting the drive and reinstalling the OS?
            Unless you have data you need to recover I'd be inclined to do a reinstall.
            this, if not back up all important info and use this as a learning experience.
            Try this it's a lovely little tool

            Double-click Mbar.exe
            Click on the Cleanup button to remove any threats and reboot
            Wait while the system shuts down and the cleanup process is performed.
            Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.

            report back when done, if no joy we can look at other options
            People say I should be more humble I hope they understand, they don't listen when you mumble


              #7
              have run RogueKiller which found a heap and got rid of them but still after running it 3 times the ZeroAccess thing is still there... it seems to be latched onto Windows Update but am kinda dim at this... have run rootkit but it said all OK

              got this description of it from a mate:

              The rootkit component of ZeroAccess utilizes an advanced method for protecting itself and disabling any security tool trying to detect and remove it.
              A tripwire device is a protection method known for some time but has never been seen used like this in a rootkit. The malware creates a harmless executable file and attaches to it a virtual device that is then monitored by the rootkit. This executable is then installed as a service to run every time the system runs.
              When a security tool tries to access the file on disk or the process in memory, the virtual device attached to the file is triggered, and the rootkit identifies the access attempt, triggering its protection system.
              will try mbar now thanks

              I needs a drink

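A read-only way to see what the flagged `gupdate` service key from the first post actually points at, as an added example that is not part of any poster's reply. It assumes PowerShell 3.0 or later in an elevated session; the parameter names are this example's own, and the file check is opt-in because, per the description quoted in post #7, touching the rootkit's bait file triggers its protection.

```powershell
# Added example: read-only triage of the service key Malwarebytes flagged.
param(
    [string]$ServiceName = 'gupdate',  # name taken from the detection in the first post
    [switch]$CheckFile                 # opt-in: opening the binary may trip the tripwire
)

$key = "HKLM:\SYSTEM\CurrentControlSet\Services\$ServiceName"
if (-not (Test-Path -LiteralPath $key)) {
    Write-Output "Service key not present: $key"
    return
}

$svc = Get-ItemProperty -LiteralPath $key
# ImagePath is either a "quoted path" plus arguments, or an unquoted path plus arguments.
$raw = [Environment]::ExpandEnvironmentVariables([string]$svc.ImagePath)
if ($raw -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
elseif ($raw -match '^\s*(.+?\.(exe|sys|dll))(\s|$)') { $exe = $Matches[1] }
else { $exe = $raw.Trim() }
# Normalise the NT-style prefixes that service paths sometimes carry.
$exe = $exe -replace '^\\\?\?\\', '' -replace '^\\SystemRoot', $env:SystemRoot

$report = [ordered]@{
    Key        = $key
    ImagePath  = $svc.ImagePath
    Executable = $exe
    Start      = $svc.Start      # 0 boot, 1 system, 2 automatic, 3 manual, 4 disabled
    Type       = $svc.Type       # 1 kernel driver, 16 own process, 32 shared process
    RunsAs     = $svc.ObjectName
    # Generic triage hint: characters outside printable ASCII in a service path.
    NonAscii   = [bool]($svc.ImagePath -match '[^\x20-\x7E]')
}

if ($CheckFile) {
    $report['FileExists'] = Test-Path -LiteralPath $exe
    if ($report['FileExists']) {
        $sig = Get-AuthenticodeSignature -LiteralPath $exe
        $report['SignatureStatus'] = $sig.Status
        $report['Signer'] = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '(unsigned)' }
    }
}
New-Object -TypeName psobject -Property $report | Format-List
```

On a machine with an active rootkit the live registry and file views can themselves be altered, so treat the output as a lead to follow up from a clean boot environment rather than as proof either way.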


                #8
                still a lingering PUP thingy showing up atm in Malwarebytes scan

                ain't seen Zaccess in a while

                will keep running things regular for a while and hopefully all sorted

                thanks for help all



                  #9
                  What make is the laptop?
                  Did u download any video player recently such as ilivid or something similar?
                  Have fixed a few laptops recently that had viruses similar to this and most have come from a downloaded film that needed a certain video player to play it.
                  The smarter you play the luckier you'll be
                  MTT Calender 2015



                    #10
                    Originally posted by Nuttkickker
                    What make is the laptop?
                    Did u download any video player recently such as ilivid or something similar?
                    Have fixed a few laptops recently that had viruses similar to this and most have come from a downloaded film that needed a certain video player to play it.
                    yeah did follow a link on here for sports feed which required ilivid or summit, got a load of ads etc and just gave up and logged outta them all without getting feed. activated ad blocker on Firefox after that

                    it's an Acer lappie btw

                    will see tmw if the demon is back



                      #11
                      ok. can u boot up at all? if you can, see if you can remove ilivid but it has prob changed some settings to stop you, has prob altered your antivirus too. check online, see if there's a step by step guide to this problem.
                      If this can't be done, Acer have an option to do a factory reset which will completely restore the laptop and this can be done even if it won't boot. you will lose everything that was on it but it will be like brand new after


                        #12
                        also you won't need any discs, it's all there for doing the restore


                          #13
                          Ran Malware Scan and for 1st time in a while it has come back '0' found.

                          Gonna monitor my browsing and keep checking and hopefully it dont come back.

                          TY all once again



                            #14
                            sorry never read your first post properly. thought when I saw the blue screen it wouldn't boot.
                            I would still try to remove ilivid from your computer, it can be dangerous and will usually change settings so it is undetected as a virus

                            If you can't do this you could try restoring to an earlier date from before it was installed but I think it may block you from doing this too, another reason I would want to get rid of this. If it is going to the trouble of changing so many settings to go undetected and stopping you from removing it, it can't be good