1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Rootkit.zeroaccess - delayed write failed and hidden files

Discussion in 'Virus & Other Malware Removal' started by djetaine, Nov 29, 2011.

Thread Status:
Not open for further replies.
  1. djetaine

    djetaine Thread Starter

    Joined:
    Nov 29, 2011
    Messages:
    1
    Recently at my company we have received a rash of field laptop with this virus. It has been insanely difficult to remove.
    (there is already a thread regarding this that someone posted about but I cant reply to it yet, only post new threads)

    TDSSKiller will not detect it, our enterprise software will not remove it but will detect it (McAfee), MBAM doesnt see all of it and Sophos AR doesnt see it either.

    Combofix WILL get rid of it but not just with a normal click and go.
    To get rid of it I have had to completely disable my AV software (I mean totally, disable it from the virus scan console as well as disable all the services related to it)

    Make sure you have AT LEAST combofix version 11.11.29.4. If you arent sure of what version you are running, right click on the file and click properties and then the details tab.

    Save combofix to your desktop.
    Create a new txt document called CFScript.txt
    Open this new document and type in:

    ClearJavaCache::

    Extra::


    This process should remove the rootkit and unhide all your files as well. I have tested this on 3 machines now and all have tested clean with MBAM, McAfee, Panda, AVG and Avira.
    If for some reason your files are still hidden download and run an application called unhide.exe

    I spent 3 days trying to figure out how to get rid of this once and for all without having to reimage. Hope this can be of use to someone else.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Rootkit zeroaccess delayed
  1. lunarlander
    Replies:
    5
    Views:
    652
  2. ricincalifornia
    Replies:
    2
    Views:
    480
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1028988

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice