Anti-Rootkit from Malwarebytes in Beta got a lot better now- its now able to detect and remove most dangerous ZAcess variant from Windows. Malwarebytes blog notes “This new build removes the (ZAcess) rootkit and automatically starts the repair process to patch up damages committed by the rootkit, including fixing Windows Defender. “
If you don’t know about ZAcess aka SIREFEF rootkit, this malware can able to enter into user PCs through pirated movie titles or compromised websites or by drive by downloads or through adult-rated websites. This rootkit once infects your system, security software including Windows Defender will stop functioning. It redirects browser to ad sites, that may not safe to visit.
Malwarebyes Anti-Rootkit (MBAR) detects and removes ZAccess variant upon scanning and disinfects patched files by malware and also fixes Windows Defender.
How to remove ZAccess/SIREFEF Rootkit using MBAR
Download MBAR zip file, extract contents to a folder and run program executable. Update malware definitions- this is necessary to detect latest threats. And next, start scanning the system. Click “Cleanup” button if any threats were detected, system will restart to cleanup the threats.
After restart, perform the scan again to reconfirm there are no rootkits on your computer and make sure crucial services like Windows Update, Windows Firewall are functioning and check you can have access to the internet.
If you found any issues with these crucial components, run fixdamage.exe tool in Plugins folder under mbar root directory.
Though MBAR looks stable, you should remember it is still in beta phase.
Note: Since MBAR uses MBAM’s chameleon technology, so you’ll able to run this any how if your system is already infected by viruses or threats.
Malwarebytes Anti-Rootkit Beta latest version is 1.0.6, you can download it from its homepage.