Could you identify this Trojan Please.

Hi,

A relative has got a Trojan they think is called Trojan-spy.win32@mx or maybe smitfraud.

It places a flashing yellow triangle in the icon tray and displays a text bubble which gives information about itself as above. When you click on it it opens IE and goes to a web site which requires $50 to download a remover software.

I have hunted around but cannot find any info on a virus, malware or trojan that matches this activity, which is probably out there somewhere.

I tried running Norton AV but no luck.

Any help appreciated.

T.

 

The alert box is caused by z-lob/fake alert trojan and is normaly part of a smitfraud type infection.
The following free software will nuke the fake alert and associasted infection files.
http://superantispyware.com/

Or alternatively you could use AVG7.5 free+SmitRem+Panda activescan which is the *canned* fix for this infection.

All the best

 

Thanks a lot, will try it

T.

Edit: Worked - its gone. Many thanks

 

Your welcome

 

Mmm fixing this for my neighbour tonight - must be variant 'cos its gone tough
He has 2 triangles, one like already mentioned and another which alternates with the minesweeper icon, maybe he selected on a pop-up.
Anyway his SuperAntiSpywareFree will not update and the usual fix, safemode/HJT/smitrem/ewido/panda activescan/atf-cleaner fails. If I hadn't told him to go make some coffee I think he would have baseball batted his machine.

 

Seems Zlob Trojan on the rise, media codec - trojan that poses as a codec needed to view umm something! plus he had not updated Windows. Thanks to HJT/ProcX/SmitRem and atf-cleaner.