This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

trojan horse removal problem

hi guys used my sophos virus removal kit but it could not remove this Troj/ZAccInf-B in services.exe any ideas as to what i can do about this without having to try find a backup !!!!

This thread was automatically locked due to age.

Parents

0 Transfixor over 12 years ago

@ creasey84: looks like you have a rootkit....the Trojan being detected is part of the ZeroAccess family of malware
http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~ZAccInf-B/detailed-analysis.aspx
Check this site for details about ZeroAccess.
known behavior includes
• Disable security applications
• Downloads malicious files
• Infects files
• Steals information
This information is quoted from the Wikipedia Rootkit page:
Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Detection methods include using an alternative, trusted operating system; behavioral-based methods; signature scanning; difference scanning; and memory dump analysis. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only available solution to the problem.
Bottom line: time to back up all your data and rebuild your computer.
:26729
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Transfixor over 12 years ago

@ creasey84: looks like you have a rootkit....the Trojan being detected is part of the ZeroAccess family of malware
http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~ZAccInf-B/detailed-analysis.aspx
Check this site for details about ZeroAccess.
known behavior includes
• Disable security applications
• Downloads malicious files
• Infects files
• Steals information
This information is quoted from the Wikipedia Rootkit page:
Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Detection methods include using an alternative, trusted operating system; behavioral-based methods; signature scanning; difference scanning; and memory dump analysis. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only available solution to the problem.
Bottom line: time to back up all your data and rebuild your computer.
:26729
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data