Win64:ZAcces-E [Rtk] is a pesky Trojan detected by Avast that is mainly found in C:\Windows\system32\ and it targets to attack computer with 64-bit OS. Being as a trojan, it can open a backdoor to make more threats get inside an infected computer such as Win32:Sirefef-FQ[Drp] and Win32:Sirefef-HO[Drp]. Although Avast lists these viruses are located in C:\Windows\assembly\GAC_64\desktop.ini, it is still be a hard job for users to remove them.
This tricky Trojan creates lot of malicious files to occupy system resources and these files will disguise as legit system files to escape from the detection of your Antivirus. Thus, it is not surprised that Avast shows this virus again and again after every removal and reboot. Once this virus installed, it will corrupt your system files, slow down your computer as well pop up unwanted ads randomly. Furthermore, it disables your firewall and make all the personal or confidential information secretly passed over to the intended attacker who would further misuse it for stealing money from your bank account or leaking the confidential information out to other sources.
It can propagate via infected or hacked websites.
It can steal financial information and sensitive data such as online passwords and credit card numbers.
It can slow down your PC speed notably.
It can destroy critical system files and make PC unstable.
It may result in serious Internet connection issues.
1. Reboot your computer to safe mode with networking. As your computer restarts but before Windows launches, tap “F8” key constantly.
2. Show hidden files and folders.
Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
Click the View tab.
Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.
3. Open Registry entries. Find out the malicious files and entries and then delete all.
Attention: Always be sure to back up your PC before making any changes.
a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.
b. All malicious files and registry entries that should be deleted:
%AllUsersProfile%\Application Data\~
%AllUsersProfile%\Application Data\~r
%UserProfile%\Start Menu\Programs\Win64:ZAcces-E [Rtk]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\random
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\Win64:ZAcces-E [Rtk]
If you failed to remove Win64:ZAcces-E [Rtk] with the instructions above or need any assistant, you are welcome to contact YooCare experts to resolve all the problems completely.
Published by on July 2, 2012 9:16 am, last updated on August 17, 2012 5:08 pm
Leave a Reply
You must be logged in to post a comment.