MSIL/Zeven is a threat promoting Win7 AV. At first, Rogue:MSIL/Zeven detects what type of browser you use and then created a warning page.
If you click on the warning, you are redirected to the website of Win7 AV.
The symptoms shown by a pc victim of MSIL/Zeven are:
- Slower system
- Modified browser settings
- Continuous pop-ups during browsing
- Impossibility in some cases to connect to internet
How to get rid of the virus.
The tool that has shown to be efficient in removing the MSIL/Zeven is:
Malwarebytes Anti-Malware
Clean up with Malwarebytes Anti-Malware.
Download Malwarebytes’ Anti-Malware onto the desktop, being careful to rename the file with a generic name, for example:
- mbam-setup.com
- iexplore.exe
- explorer.exe
- userinit.exe
- winlogon.exe
Proceed then with installation.
Start up the software, proceed first with the update and then perform a scanning in the system’s modality “Complete scanning”.
Select on each found malware and click on “Remove selected”.
Once you have obtained confirmation that each malware has been removed, you can close the program and restart the system.
If the malware were to inhibit the start up of Malwarebytes Anti-Malware, download and run one of the following tools to unblock the start up:
Rkill.com
Rkill.exe
iExplore.exe
rkill.pif
rkill.scr
uSeRiNiT.exe
WiNlOgOn.exe
If you are still not able to run Malwarebytes Anti-Malware with any of the software shown above, proceed like this:
Go to folder C: \Programs\Malwarebytes Anti-Malware. Here locate and rename the file mbam.exe with one of the following names:
- mbam.com
- iexplore.exe
- explorer.exe
- userinit.exe
- winlogon.exe
If the malware inhibits internet access and therefore updating the software, proceed as follows:
Run Internet Explorer and from the menu click first on Instruments and then on Internet Options
Click on Connections and then on LAN Settings.
Unclick the field “use a proxy server”, and click on ok to confirm.
Click Apply. Click OK.
Now you should be able to reconnect to internet.
