Win32:Zlob-BN(Trj)

I have Avast Home edition, what number I am unsure, but I d/l it this year.
My computer is operating on Windows XP.

I keep getting a pop-up telling me that I have a Trojan Horse: Win32:Zlob-BN(Trj) to be exact. I move it to the chest, even delete it, and it keeps coming back.
It is in my C:/Windows/System32/1024 - it is always in there, but which file within that changes!!

What should I do to remove it??
How bad is it for my computer??

PLEASE HELP!!

Hi Emily:

 It is bad for your computer.

 IF you want to try & get rid of it on your own, follow the
 Instructions CAREFULLY at :

http://siri.urz.free.fr/Fix/SmitfraudFix_En.php

 and follow that up with running a "Complete System Scan"
 using "Ewido", available at www.ewido.net/en .

 IF the above does NOT work OR if you prefer to have an
 Expert guide you in the removal "process", ask for help
 on the forum of your antiSPYWARE provider ; if you know
 of none, I recommend www.landzdown.com .

Thank you, I will try this tonight and if I run into any problems I will let you know.

How bad are Trojan Horses???

Trojans come in many guises and forms so the severity or otherwise isn’t quantifiable across the board, suffice to say you want rid of them.

Having identified what Trojan it is and the file name of the infected file, then it should be possible to find information about it using google, etc.

Weird thing is, for this trojan: Win32:Zlob-BN(trj) I have not been able to find any information on it, other than people talking about having this trojan in their computer. I have checked virus lists and cannot find this Trojan.
So that is why I have no idea how bad it is.

There are loads of Zlob variants out there…

There are many variants as RejZoR said and there is also no standard naming convention, so a search for the virus name is often not as successful as a search for the infected file name which is often associated with the virus.

So I downloaded SmitfraudFix and extracted the files but it won't let me open SmitfraudFix. It tells me that the publisher could not be verified.

What do I do now??

Hi Emily:

  As I said in my 1st post, "ask for help on the forum of your
  antiSPYWARE provider ; if you know of none, I recommend
  www.landzdown.com " . What you have is "malware" &
  it would be best if you got step-by-step guidance by
  antispyware Experts. If you go there, they will probably
  ask you to post a "HijackThis" program log; this program
  is best downloaded from : http://www.thespykiller.co.uk/files/HJTsetup.exe . 

Note: This is a complete installer that installs HijackThis to your computer at C:\Program Files\HijackThis, making an entry in the start menu and also providing a desktop shortcut. If HijackThis is used from a temp folder, it is in danger of being accidentally deleted by clean up tools.

At the download prompt, choose “Save”. After the download is complete, navigate to the C:\Program Files\HijackThis folder and double-click it to complete the installation.

There is a “tutorial” on this program at :
www.bleepingcomputer.com/tutorials/tutorial94.html .

Thanks for all the info on this!
I have been dealing with this virus for a day and a half, deleting temp files, etc. and it wouldn't go away. In fact, I was getting an avast popup about every 30 min. I just ran the cleanup you linked, I hope it works!

I had the same problem:
system32\1024\1dD447.tmp[Upack]
…\1d241…
…\1d9FE8…
…\1d173B…

and that's just within the last hour and a half.

Julie

> I was getting an avast popup about every 30 min.

If you can give us more information then it is easier to help. What was the virus name, what was the file name, where was it found, for example (C:\windows\system32\infected-file-name.xxx)?

Have you got a firewall, if so what ?
Trying to fight malware without outbound protection is an uphill struggle.

Did you try running ewido from safe mode ?

Hi Julie:

 This is NOT a "virus" ; the Advice on antiSPYWARE forums
 is a 3-prong "remedy" : Smitfraudfix, Ewido & "modified"
 use of CCleaner , as the "foundation" .