Posted on 08/24/2012 10:24:48 AM PDT by ncfool
Sometime on Tuesday I clicked on a link on this site to an Anti-Obama link or picture. I evidently got a virus and have not been able to clean it. It's called PTCH_ZACCESS.A. My office IT guy has tried to clean it a couple of times and it's buried in the registry. Anybody have any experience with this bad virus? A screen keeps popping up wanting you to download their virus removal software SECURITY SHIELD.
My warning is to be very careful, as it says it will get into your info and look for banking and credit passwords.
I have that computer offline until I get it cleaned out.
They have this write up on it. http://about-threats.trendmicro.com/malware.aspx?language=au&name=PTCH_ZACCESS.A
Any help is appreciated.
Back up your data and then reimage the computer. That’s about the surest way to remove the virus right there.
Found this at
http://www.zimbio.com/Spyware/articles/o6LebM1fdST/How+Remove+PTCH_ZACCESS+Manual+Removal+Guides
==
Step-by-Step Guides on How to Manually Eradicate PTCH_ZACCESS.A?
Step 1 : Go to Task Manager with Alt+Ctrl+Delete and stop its process.
random.exe
Step 2: Search for and delete its related files in Local Disk C:
C:\Documents and Settings\[UserName]\Local Settings\Application Data\[SET OF RANDOM CHARACTERS].exe
C:\Documents and Settings\[UserName]\Start Menu\Programs\[SET OF RANDOM CHARACTERS].exe
Step 3: Navigate to remove the registry entries associated as below in Registry Editor:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “
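The locations named in steps 2 and 3 of the guide quoted above can be inspected before anything is deleted. The following PowerShell is an added example, not part of the thread or of the linked guide; it only lists what it finds, it assumes the Windows XP profile layout the guide uses, and its function names are hypothetical.

```powershell
# Read-only audit: lists findings, deletes nothing.
# Run key and directories are the ones named in the guide quoted above
# (Windows XP profile layout). Function names are hypothetical.
$runKey   = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$dropDirs = @(
    (Join-Path $env:USERPROFILE 'Local Settings\Application Data'),
    (Join-Path $env:USERPROFILE 'Start Menu\Programs')
)

function Get-ExePathFromCommand([string]$Command) {
    # Run values may be quoted and carry arguments; return only the .exe path.
    if ($Command -match '^\s*"([^"]+\.exe)"')   { return $Matches[1] }
    if ($Command -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    return $null
}

function Test-InDropDir([string]$Path) {
    # True when the file sits directly in one of the drop directories.
    $parent = [System.IO.Path]::GetDirectoryName($Path)
    return [bool]($dropDirs | Where-Object { $_ -ieq $parent })
}

# Step 2 of the guide: executables sitting directly in the drop directories.
$files = foreach ($dir in $dropDirs) {
    if (Test-Path -LiteralPath $dir) {
        Get-ChildItem -LiteralPath $dir -Filter *.exe -Force -ErrorAction SilentlyContinue |
            Select-Object FullName, Length, CreationTime
    }
}

# Step 3: Run-key autostart values whose target is in one of those directories.
$key = Get-Item -Path $runKey -ErrorAction SilentlyContinue
$autoruns = if ($key) {
    foreach ($name in $key.GetValueNames()) {
        $cmd = [string]$key.GetValue($name)
        $exe = Get-ExePathFromCommand $cmd
        if ($exe -and (Test-InDropDir $exe)) {
            New-Object PSObject -Property @{
                ValueName = $name; Command = $cmd
                FileExists = (Test-Path -LiteralPath $exe)
            }
        }
    }
}

'Executables in the drop directories:'; $files    | Format-List
'Run values pointing into them:';       $autoruns | Format-List
```

A Run value listed here with `FileExists` false is a leftover entry whose file is already gone; one with `FileExists` true ties an autostart entry to a file still on disk.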
On a clean PC, download MalwareBytes (malwarebytes.org) and copy to a thumb drive.
Install on your computer from the thumb drive and run the full scan. It should find it and remove it for you.
Try Anti-Malwarebytes anti-malware
http://www.malwarebytes.org/
or SuperAntispyware’s stuff.
http://www.superantispyware.com/
They are free and are the most effective I have tried.
Thanks, I will do it when my IT guy gets back to the office. He thought he had it a couple of times. Went thru his Cisco firewall too. He can see when it actually hit.
It also shows as : Live security platinum
Microsoft has the following on it too:
Be sure and read instructions.
If MalwareBytes.exe will not run you can rename it to MalwareBytes.com
It sounds like one that I have gotten before. I went to Bleepingcomputer.com and went to their anti virus page. I downloaded Rkill for free from them to a thumbdrive on a different computer and plugged it into the infected one and ran the program. It has killed the bug on several computers for me. YMMV
any help is appreciated
Get Root !
Or anything other than mbam.exe. Most virus/malware programmers try to stop that process from running altogether.
Windows Defender Offline
http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline
bfl
Can you install Windows Defender from a thumb drive?