I am having trouble with a rather persistent trojan.
Sophos has it listed in the quarantine manager as "TrojZbotMem-A". Under location, it lists "memory" and it insists that a manual clean-up is required.
I have followed the steps for manual clean-up, listed here and here, but it does not appear to be having any success. This thread indicates that it should be purged from memory during shutdown, and it is stored on the disk instead, but not infected files have been found on the disk. When Sophos failed to find any infected files, I tried about half a dozen other programs, but all of them couldn't find a hint of the trojan. I tried running all the programs (including sophos) in both regular and safe mode, and I even tried running a scan from a seperate rescue CD.
The computer is running windows 7.
I would add to this post the log file produced when I scanned all files with sav32cli in safe mode, but I am limited to no more than 20,000 characters in this post. It failed to find any viruses, but it had some interesting contents: there appear to be a lot of nested "Application Data" folders, containing files (with names such as "UsrClass.dat") that sav32cli could not open.
This thread was automatically locked due to age.
