NIS 2010 picked up this infection after a full scan reporting that it must be manually removed.  Unfortunately there is no entry in the Threat Explorer for this infection.  After some research, I am advised that it is similar to Trojan.Brisv.A!inf, an infection of media files.

However, I am also somewhat confused by (apparantly) conflicting entries in the NIS logs:

Resolved Security Risks:

13 Feb 2010 21:32 parport.sys (Trojan,Zeloaces!inf) Quarantined, and the File Insight dialog states "This spyware has been removed and no further action is needed"

Unresolved Security Risks:

13 Feb 2010 23:00 parport.sys (Trojan.Zeloaces!inf) Manual Removal Required, and the File Insight dialog states "This spyware required manual removal. We recommend that you review details for this threat on the Symantec Web Site"

13 Feb 2010 21:54 a0060351.sys  (Trojan.Zeloaces!inf) Manual Removal Required etc (as above), with a few extra details about additional infected files in the system restore (3 entries).

So it seems to be reporting that it was removed on the first scan (normal mode) and then not removed on the second scan (safe mode).

There is no listing of the Trojan.Zeloaces!inf on the Symantec Web Site, so hit a dead end.

I am quite happy to try and hack my way out of this if I can find the right specs as an alternative to re-installing the system.

I reckon I know how it got there, now just to get rid of the *******!...

Can anyone assist?

Much obliged,

Chris

Windows XP SP3 (all Security Updates to date applied)

NIS 2010 (or could be 2009?) v. 15. 5.0.127