resides in the folder that contains system drivers. The typical path is %System%\Drivers\[random driver name].sys, where the random driver name is the name of an actual driver. The name is chosen from the files actually stored in that location and falls alphabetically within the range of drivers from classpnp.sys to win32k.sys (in other words, a suitable name starts with any letter from C to W inclusive).

Installing the rootkit deletes the actual system file, which in itself damages the compromised PC. Fortunately, the damage is not critical.

The Drivers folder item is the core of the installation. Apart from that, several secondary files are created. Removal of Trojan.Zeroaccess.B (Trojan.Zeroaccess!inf) needs to cover both the main file and the files derived from it.

The infection opens a backdoor. It has tools to compromise any browser. The backdoor is used to establish a connection with remote hackers so that they can remotely control the target machine.

Get rid of Trojan.Zeroaccess.B (Trojan.Zeroaccess!inf) by applying an advanced anti-rootkit scanner.
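
To narrow down which driver file to examine, the name range described above can be turned into a triage filter. The following PowerShell is an added example, not part of the original write-up or of any scanner: it lists the .sys files whose names fall between classpnp.sys and win32k.sys and whose Authenticode signature does not verify. It assumes that %System%\Drivers corresponds to System32\drivers under the Windows directory and that the script is run from a trusted environment; the function name Test-InCandidateRange is made up for the example.

```powershell
# Added triage example; the range bounds are the ones given in the text.
# Assumptions: $DriversDir is the Drivers folder of the system being examined
# (default: the running system), and the script runs from a trusted environment.
param(
    [string]$DriversDir = (Join-Path $env:SystemRoot 'System32\drivers')
)

$low  = 'classpnp.sys'
$high = 'win32k.sys'
$cmp  = [System.StringComparison]::OrdinalIgnoreCase

# True when the file name sorts between the two bounds, inclusive.
function Test-InCandidateRange([string]$Name) {
    ([string]::Compare($Name, $low,  $cmp) -ge 0) -and
    ([string]::Compare($Name, $high, $cmp) -le 0)
}

Get-ChildItem -LiteralPath $DriversDir -Filter '*.sys' -File |
    Where-Object { Test-InCandidateRange $_.Name } |
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
        [pscustomobject]@{
            Name      = $_.Name
            Length    = $_.Length
            Modified  = $_.LastWriteTimeUtc
            SigStatus = $sig.Status
            # SignerCertificate is empty for unsigned files.
            Signer    = $sig.SignerCertificate.Subject
            SHA256    = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
        }
    } |
    # Keep only files whose signature did not verify.
    Where-Object { $_.SigStatus -ne 'Valid' } |
    Sort-Object Name |
    Format-Table -AutoSize
```

Legitimate drivers can also appear in the output, so treat it as a list of files to review rather than a verdict.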