New Tool Released: Kiss (or Kick) ZeroAccess Goodbye

by


Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

There are fewer types of malware infections more frustrating and annoying than a rootkit with backdoor capabilities. Over the past couple of years, we’ve seen the emergence of this new, tough-to-fight infectious code, and its transformation from nuisance to severe threat.

With the hard work and perseverance of Threat Research Analyst and master reverse-engineer Marco Giuliani, we’re proud to release the latest build of a tool we’ve used internally to clean the infections from the notable ZeroAccess rootkit off of victims’ computers. AntiZeroAccess exploits many of the vulnerabilities that Marco discovered in the rootkit to cleanly remove the rootkit code from infected machines.

The free tool removes the rootkit but does not restore the Access Control Lists (ACLs) that have been modified by the rootkit. For that, you’ll probably want to use a free tool like SetACL, which can make software functional that ZeroAccess disabled by modifying its ACL.


Trackbacks

  1. [...] senza preavviso sul vostro pc, è opportuno eseguire una scansione gratuita con il nostro tool: http://blog.webroot.com/2011/08/03/new-tool-released-kiss-or-kick-zeroaccess-goodbye/ (che tra l’altro ho ideato e sviluppato io [...]

  2. [...] about this rootkit, and a link to a program to remove it from 32 bit systems, can be found on this page. The AntiZeroAccess tool can be downloaded from the link in the second [...]

  3. [...] les adwares, PUP/LPIs, toolbars, hijackers… - Adwprotector Résident Anti-Adware… - AntiZeroAcess Outil visant à supprimer les rootkits ZeroAcess. - Combofix Suppression tous types de [...]