-
October 23rd, 2012, 06:51 PM
#1
Registered User
Steps to remove Sirefef/ZeroAccess
Today I encountered this on our network, it messes with our VPN and other remote services. This is the solution I found to resolve it. Also if you have a vpn program you use it is suggested to remove it and reinstall it as the infector can corrupt it.
Download the following:
Combofix http://www.bleepingcomputer.com/download/combofix/ rename to cfix.exe (click the blue download button)
TDSSKiller http://support.kaspersky.com/faq/?qid=208283363 rename to tk.exe
SUPERAntiSpyware Free Edition http://www.superantispyware.com/down...NTISPYWAREFREE rename the installer
JavaRA Java removal utility http://sourceforge.net/projects/javara/
1. Run cfix.exe, agree to all but the recovery console installation. If you are doing this remotely, inform the user that they have to manually complete this part as it terminates all remote connections constantly throughout its use.
2. Once the scan is completed run tk.exe, click change parameters, and check the boxes for the following tabs: System memory; Services and drivers; Boot sectors; Verify file digital signatures; Detect TDLFS file system
3. Click Start Scan
4. Quarantine all, then choose any files to not quarantine only if they are familiar to you and the operation of a program required to function. If you quarantine all you will be able to recover anything you accidentally did not want to remove.
5. Install SuperAntiSpyware, do a custom install and uncheck any useless features and decline the trial of the pro version.
6. Run a complete scan.
7. Quarantine/delete all results
8. Run JavaRA, click additional tasks and put a check in the following: Remove Useless JRE Files; Remove Startup Entry; Remove Sun Download Manager; Remove Java IE BHO; Remove JAVA Console Extention, and click Go.
9. Reinstall java from www.java.com
One Script to rule them all.
One Script to find them.
One Script to bring them all,
and clean up after itself.
Similar Threads
-
By Matridom in forum Tech Lounge & Tales
Replies: 24
Last Post: May 8th, 2004, 03:41 PM
-
By thepurpledino in forum BIOS/Motherboard Drivers
Replies: 8
Last Post: March 25th, 2004, 05:31 PM
-
By Draggar in forum Tech Lounge & Tales
Replies: 1
Last Post: June 17th, 2002, 04:13 PM
-
By dasygirl128 in forum Hard Drive/IDE/SCSI Drivers
Replies: 17
Last Post: April 23rd, 2001, 09:35 PM
-
By wakko42 in forum Windows NT/2000
Replies: 2
Last Post: October 2nd, 2000, 09:01 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Bookmarks