Could you identify this Trojan Please.

Discussion in 'malware problems & news' started by Tony H, Dec 3, 2006.

Thread Status:
Not open for further replies.
  1. Tony H

    Tony H Registered Member

    Joined:
    Dec 5, 2002
    Posts:
    32
    Hi,

    A relative has got a Trojan they think is called Trojan-spy.win32@mx or maybe smitfraud.

    It places a flashing yellow triangle in the icon tray and displays a text bubble which gives information about itself as above. When you click on it it opens IE and goes to a web site which requires $50 to download a remover software.

    I have hunted around but cannot find any info on a virus, malware or trojan that matches this activity, which is probably out there somewhere.

    I tried running Norton AV but no luck.

    Any help appreciated.

    T.
     
  2. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    The alert box is caused by z-lob/fake alert trojan and is normaly part of a smitfraud type infection.
    The following free software will nuke the fake alert and associasted infection files.
    http://superantispyware.com/

    Or alternatively you could use AVG7.5 free+SmitRem+Panda activescan which is the *canned* fix for this infection.

    All the best :)
     
  3. Tony H

    Tony H Registered Member

    Joined:
    Dec 5, 2002
    Posts:
    32
    Thanks a lot, will try it

    T.

    Edit: Worked - its gone. Many thanks
     
    Last edited: Dec 4, 2006
  4. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    Your welcome :)
     
  5. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Mmm fixing this for my neighbour tonight - must be variant 'cos its gone tough:)
    He has 2 triangles, one like already mentioned and another which alternates with the minesweeper icon, maybe he selected on a pop-up.
    Anyway his SuperAntiSpywareFree will not update and the usual fix, safemode/HJT/smitrem/ewido/panda activescan/atf-cleaner fails. If I hadn't told him to go make some coffee I think he would have baseball batted his machine.
     
  6. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Seems Zlob Trojan on the rise, media codec - trojan that poses as a codec needed to view umm something! plus he had not updated Windows. Thanks to HJT/ProcX/SmitRem and atf-cleaner.
     
Loading...
Thread Status:
Not open for further replies.