Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
8060 Views 3 Replies Latest reply: Dec 30, 2011 4:36 AM by kuttus RSS
bsd Newcomer 1 posts since
Nov 21, 2011
Currently Being Moderated

Nov 21, 2011 9:19 AM

How to get rid of this trojan?

Hai,

 

I am using McAfee  Antivirus Plus full version. Recently my laptop detected 2 trojans - "ZeroAccess.b" infected at C:\windows\assembly\GAC_64\Desktop.ini and " "ZeroAccess.b" infected at C:\windows\assembly\GAC_64\Desktop.ini. McAfee detected these 2 trojans, but it showed the status as Quarantine failed, for both these trojans. My McAfee is upto date.

 

When I went and saw the infected location I never found the file GAC_64\Desktop.ini so that I could have deleted them.

 

 

Please suggest me how to remove this trojan from my laptop. I am using windows 7 genuine version.

 

Looking forward for your reply.

 

Thanking you,

BSD

  • THIERRY PENHOAT Newcomer 1 posts since
    Dec 12, 2011
    Currently Being Moderated
    1. Dec 13, 2011 11:36 AM (in response to bsd)
    Re: How to get rid of this trojan?

    Hi bsd,

    i have exactly the same problem. did you manage to fix it ?

  • Ex_Brit Volunteer Moderator 59,605 posts since
    May 6, 2004
    Currently Being Moderated
    2. Dec 13, 2011 1:49 PM (in response to THIERRY PENHOAT)
    Re: How to get rid of this trojan?

    Moved to Malware Discussion > Home User Assistance.

     

    These infections should be removable using up to date VirusScan.  If necessary boot into Safe Mode and re-scan by opening Computer (My Computer in XP) and right-clicking the hard drive and selecting 'Scan'.    You'll see an animated icon near the system clock as the SecurityCenter does not open in Safe Mode.  

     

    If that fails to remove them, download, install, update (important) and run a full scan using the FREE version of THIS software.


    https://community.mcafee.com/servlet/JiveServlet/downloadImage/2-143933-5189/78-49/Peter.gif
    Toronto • Canada
    Volunteer Moderator
    I can't help you privately - please post in the Forums
    Use Advanced Forum Search To Find Answers
    Beta Test McAfee Products For PC & MAC
    How To Fix File Associations in Windows
    XP & Office 2003 End-Of-Life - 08 April, 2014
    Anti-Spyware/Malware & Hijacker Tools
  • kuttus Apprentice 59 posts since
    Dec 29, 2011
    Currently Being Moderated
    3. Dec 30, 2011 4:36 AM (in response to bsd)
    Re: How to get rid of this trojan?

    There may be one more infection assosiated with it. . To check it's presence you have to do one thing.

     

    In Windows XP

    ----------------------

     

    Click on the start meanu and press on Run.

    Inside the Run window type CMD and press on Okay.

    In the black Command Window type

    NETSH WINSOCK RESET and hit on enter.

     

    If you get a message

    "Sucessfully reset the Winsock Catalog.

    You must restart the machine in order to complete the reset." then you are safe.

    If not your computer is infected.

     

    Steps - 1

     

    Try the above steps.

     

    Steps-2

     

    Ping.exe is a infection. To fix this run a SIGVERIF on the compuiter. For that Click on Start Menue -> Click on Run -> Type SIGVERIF and press on Ok.

    Follow the instructions.

     

    It will detect one infected *.sys  file. You have to replace that file from the recovery console.

     

    The other solution to fix it is a Fresh Installation.

     

    In Windows Vista and Windows 7

    --------------------------------------…

     

    Click on the Start Menu and in the Search box type CMD

    At the top you can see a CMD file. Just right click on that file and select Run as

     

    Administrator.

     

    In the black Command Window type

    NETSH WINSOCK RESET and hit on enter.

     

    If you get a message

    "Sucessfully reset the Winsock Catalog.

    You must restart the machine in order to complete the reset." then you are safe.

     

    If not your computer is infected. In windows Vista and Windows 7 a successful system restore

     

    will fix the issue. Try a system restore to a good point.

     

    After a successful system restore try to do the same step again.

    If you got the message "Sucessfully reset the Winsock Catalog.

    You must restart the machine in order to complete the reset." your computer is safe and secure.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points