
Rootkit.Win32.ZAccess.c

Posted: March 23, 2012

Threat Metric

Ranking: 10,886
Threat Level: 2/10
Infected PCs: 18,060
First Seen: March 23, 2012
Last Seen: September 11, 2023
OS(es) Affected: Windows

Rootkit.Win32.ZAccess.c is a component of a multiple-component infection that, depending on the software that's used to identify Rootkit.Win32.ZAccess.c, may be labeled as part of the TDSS Rootkit family, ZeroAccess Rootkit family or Sirefef family. As a small piece of a high-level security threat that's designed to conceal its attacks and obfuscate its code from security software, Rootkit.Win32.ZAccess.c is difficult to detect or remove, but SpywareRemove.com malware researchers recommend that you always delete Rootkit.Win32.ZAccess.c as soon as you can do so. Allowing Rootkit.Win32.ZAccess.c and affiliated computer threats to persist on your PC can result in browser hijacks, theft of personal information, the installation of scamware and other risks. Due to the severity of most infections that are associated with Rootkit.Win32.ZAccess.c, it's also suggested that you use Safe Mode and other safety measures to give your security programs the best chance to find and remove Rootkit.Win32.ZAccess.c and its fellow rootkit components.

Rootkit.Win32.ZAccess.c – an Old Rootkit Danger That's Still Going Strong

Reports of Rootkit.Win32.ZAccess.c attacks have circulated since 2010, along with other members of the TDSS and ZeroAccess families, but Rootkit.Win32.ZAccess.c's malicious behavior should be considered ongoing as of 2012. Since Rootkit.Win32.ZAccess.c is just a single component of an attack that will always utilize several PC threats in cooperation, you should always respond to a Rootkit.Win32.ZAccess.c-related attack by scanning your entire PC with diagnostic software, rather than trying to single out and delete Rootkit.Win32.ZAccess.c by itself. In fact, SpywareRemove.com malware researchers note that there's a high probability of Rootkit.Win32.ZAccess.c being reinstalled if any associated PC threats aren't also removed at the same time as Rootkit.Win32.ZAccess.c.

Safe Mode is also recommended while trying to delete Rootkit.Win32.ZAccess.c, since it will reduce the possibility of interference by related rootkits and Trojans. Safe Mode can be accessed on any Windows PC by tapping F8 while your system boots, as long as Windows hasn't started loading. Until you've verified that Rootkit.Win32.ZAccess.c and other PC threats are removed from your computer, SpywareRemove.com malware analysts recommend that you use caution around the System Restore feature, which may also be infected. Rootkit.Win32.ZAccess.c-related memory processes may also be visible in Task Manager as random numbers, which can help you verify whether Rootkit.Win32.ZAccess.c is disabled or active.

What Happens When You Leave Rootkit.Win32.ZAccess.c to Its Own Devices

Rootkit.Win32.ZAccess.c may also be detected as Gen.Variant.Sirefef or other aliases, depending on the anti-malware program that identifies Rootkit.Win32.ZAccess.c. Although symptoms of a Rootkit.Win32.ZAccess.c infection may be very minor, the attacks that Rootkit.Win32.ZAccess.c and associated PC threats are capable of should always be considered high-level threats to your computer's safety. SpywareRemove.com malware experts note the following attacks, in particular, as being extremely likely during any Rootkit.Win32.ZAccess.c infection:

  • Browser hijackers that block PC security sites, hijack your searches or redirect you to harmful sites.
  • The installation of fake security products that display fraudulent warnings and scanner results.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



File name: ipsec.sys
File type: System file
Mime Type: unknown/sys
Group: Malware file

Additional Information

The following URLs were detected:
residelikingminister.com