How to shift a trojan ?

[Shewie]

I`ve managed to infect this damn infernal machine with a trojan virus, anyone know how to shift it quickly ?

I can get it sorted in the morning at work but I could do with shifting it tonight.

I`m running Symantec AV version 10.1.6 but a full scan doesn`t pick anything up.

 

[John Fenna]

I hope you got things sorted.
The American members may have found your thread title amusing though...

 

[w00dsmoke]

I got mine a month ago and it's a real, nasty, it starts to mutate and do all sorts of nasty stuff inside, thankfully it only cost me £40 for the pc guy I know to come out and after two visits hopefully sort it. No antivirus as far as I'm aware is actually able to stop this one. aparently after it infects your program and system files the only cure is a compete wipe and reinstall of your operating system

Good luck

 

[Nagual]

Found this on Google at yahoo answers

Trojan.Zlob.G is an old modification of Zlob trojan (Symantec described this threat 3 years ago). But today russian scammers use "Trojan.Zlob.G" name to scare users and force to download and than purchase Perfect Defender 2009 rogue anti-spyware. Special trojan (usually Vundo) displays fake "Security center alert" stating that your PC is seriously infected with Trojan.Zlob.G infection.
------
This solution works for the latest Trojan.Zlog.G popup problem where no internet connection works and repeated fake warnings to 'activate' Defender anti-virus program.

No use running any ant-virus/soyware programs, they don't seem to detect this latest Trojan. Only manual removal works perfect:

Start in safe mode (press F8 at startup)
Delete following:

kjzna1562565.exe
spcffwl.dll
T-Scan (entire folder)

their location would be C:\Documents and Settings\{username}\Application Data\Google\

It looks so simple in hindsight, entire day wasted in efforts.

Nag

 

[Nagual]

Also just read that the T-folder may be hidden, so you'll need to change your prefs so you can see hidden folders. The file names kj*.exe and sp*.dll may have slightly different names but will be exe and dll files.

It's also possible to log out of your account and into another account if it has admin rights and delete the stuff that way.


Good luck, let us know how it goes..




Nag.

 

[Cobweb]

AVG free is a pretty good program, you can pay for the upgrade but the free version works extremely well. I've had trojans like that one and it has removed them and repaired the damage, good program!

http://free.avg.com/

As usual, I have no affiliations or connections with the vendor, yadda yadda yadda...

 

[burning]

This should do the trick http://www.freedrweb.com/

 

[ScarletPimpernel]

This will definately do the trick: http://store.apple.com/uk

 

[rancid badger]

AVG free is a pretty good program, you can pay for the upgrade but the free version works extremely well. I've had trojans like that one and it has removed them and repaired the damage, good program!

http://free.avg.com/

As usual, I have no affiliations or connections with the vendor, yadda yadda yadda...

Vouch for that too, very efficient.
cheers
R.B.

 

[Martyn]

Got infected with Vundo a couple of weeks ago - nasty thing.

Eventually, STOPzilla cleared it.

http://www.stopzilla.com/

 

[Shewie]

Cheers for all the suggestions guys and gals.

None of the AV packages detected the trojan after full scans so I followed the information Nag provided.
The files deleted did have slightly different names but so far things are looking good.

It turns out that trojan.zlob.g wasn`t as malicious as first thought and it`s just a way of pushing you to purchase some AV software.

Thanks again all, managed to get it sorted without getting the PC guys at work involved which has saved me interigation from head office.

 

[Shewie]

I should also add, I think I picked it up from www.desktopwallpapers.co.uk somewhere along the line.