Zlob.bgm

Discussion in 'NOD32 version 2 Forum' started by Ledsr40, Oct 21, 2007.

Thread Status:
Not open for further replies.
  1. Ledsr40

    Ledsr40 Registered Member

    Joined:
    Mar 6, 2006
    Posts:
    52
    I had a file in the

    Documents and settings/Myname/Local settings/Temp

    That has the Trojan Downloader.Zlob.BGM Trojan.

    If it's only in the Temp folder it doesn't mean that the computer is compromised or personal data are stolen right?

    Nod on demand scanner couldn't delete it, so I had to do it manually.
    I tried to check the properties of that file, and immediately Amon caught it again and all I had to do was to minimize Amon and the file disappeared from the Temp folder. The Amon record says 1 found and 1 cleaned. So it's been take care of already?

    Thanks.
     
  2. ASpace

    ASpace Guest

  3. Eh_Greg

    Eh_Greg Registered Member

    Joined:
    Oct 21, 2007
    Posts:
    64
    Location:
    US.
    Those Zlob people are persistent. Don't know how many of those files I have sent for analysis... Alot.
     
  4. Ledsr40

    Ledsr40 Registered Member

    Joined:
    Mar 6, 2006
    Posts:
    52
  5. Ledsr40

    Ledsr40 Registered Member

    Joined:
    Mar 6, 2006
    Posts:
    52
    I ran a scan with Smitfraud fix, none of it says "Found". So does that mean my computer was not infected (ie, it was just in the temp folder and then it was deleted?)

    Also, if my computer was infected, wouldn't Nod be able to detect it even though it might not be able to clean it?

    The guides aren't very clear on how to interpret the scan log of Smitfraudfix, I got some entries showing under process, desktop components, but none says "found".

    Also, there is the message "!!!Attention, following keys are not inevitably infected!!!"
    What does that mean?

    Thanks.
     
  6. ASpace

    ASpace Guest

    Hi!

    Don't look at the log file . If you have run it in Cleaning mode (option 2) , it has already killed if there was anything . If not , run it in Cleaning mode (option 2) .

    Then run scan with NOD32 and you are ready :)
     
Thread Status:
Not open for further replies.