- Joined
- Dec 15, 2004
- Location
- Clermont, Florida
Does Anyone know what SAcc.exe is? I get an error/end program prompt because it is not responding and I was wondering how to get rid of it!
Any ideas?
Any ideas?
-
Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!
SAcc.exe
- Thread starter ctrl_alt_del_
- Start date
- Joined
- Nov 11, 2003
- Location
- Bloomington, IN
Downloads and Executes Files
When the trojan is executed, it initially downloads a script that contains a number of commands from the domain "ysbweb.com". These commands specify the locations of adware-related and malicious files for the trojan to download. The malicious files which may be downloaded and executed by the trojan are detected as Win32.SillyDl variants. These variants are executed from the following locations:
* C:\Program Files\ISTbar\istbarcm.dll (73,728 bytes)
* C:\Program Files\ISTsvc\istsvc.exe (18,944 bytes)
* C:\Program Files\SACC\sacc.exe (61,440 bytes)
* %Windows%\<random name>.exe (10,240 bytes)
* %Temp%\sidefind.exe (10,752 bytes)
* %Temp%\cxtpls_loader.exe (64,000 bytes)
* %Temp%\dealhelper.exe (20,480 bytes)
* %Temp%\sahagent.exe (56,078 bytes)
I just googled it... here is a link: http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=42279
Might want to look into it..
When the trojan is executed, it initially downloads a script that contains a number of commands from the domain "ysbweb.com". These commands specify the locations of adware-related and malicious files for the trojan to download. The malicious files which may be downloaded and executed by the trojan are detected as Win32.SillyDl variants. These variants are executed from the following locations:
* C:\Program Files\ISTbar\istbarcm.dll (73,728 bytes)
* C:\Program Files\ISTsvc\istsvc.exe (18,944 bytes)
* C:\Program Files\SACC\sacc.exe (61,440 bytes)
* %Windows%\<random name>.exe (10,240 bytes)
* %Temp%\sidefind.exe (10,752 bytes)
* %Temp%\cxtpls_loader.exe (64,000 bytes)
* %Temp%\dealhelper.exe (20,480 bytes)
* %Temp%\sahagent.exe (56,078 bytes)
I just googled it... here is a link: http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=42279
Might want to look into it..
- Joined
- Feb 20, 2001
A google search turned this up:
http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=42279
This virus is not mentioned on Symantec however.
Tried running Adaware and things?
EDIT: Dang! Beaten!
http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=42279
This virus is not mentioned on Symantec however.
Tried running Adaware and things?
EDIT: Dang! Beaten!
- Joined
- Nov 11, 2003
- Location
- Bloomington, IN
David said:A google search turned this up:
http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=42279
This virus is not mentioned on Symantec however.
Tried running Adaware and things?
EDIT: Dang! Beaten!
I was also thinking an adaware scan should take care of it.
OP
- Joined
- Dec 15, 2004
- Location
- Clermont, Florida
- Thread Starter
- #5
wow, thanks for the responses! I suspected an spyware infection and ran adaware and that's when it started happening...
anyone recomend a good-free anti-virus?
anyone recomend a good-free anti-virus?
- Joined
- Dec 13, 2004
- Location
- My own personal HELL!
Avg
OP
- Joined
- Dec 15, 2004
- Location
- Clermont, Florida
- Thread Starter
- #7
Thanks Slack!
- Joined
- Feb 25, 2001
- Location
- Iowa
Wouldn't hurt to run TDS-3 as well. Check out the Spyware sticky in the Internet section of the forums for more info!
Similar threads
