Author Topic: Virus Win32.trojandownloader.Zlob, Please HELP!!!  (Read 2559 times)

0 Members and 1 Guest are viewing this topic.

TropicalFL

  • Guest
Virus Win32.trojandownloader.Zlob, Please HELP!!!
« on: October 02, 2008, 12:16:52 AM »
My computer has acquired a virus(s)/spyware a couple days ago and I've been searching the net, trying to get rid of them ever since.  I started getting strange pop-ups, small ones - to large IExplorer size, even "Security" and "System Alerts" popping up from the bottom toolbar, saying it may be infected with a virus/spyware and urging me to download a program to remove it ... but when I clicked it, Avast! says it's a "malware" and denies the download. 

When I run Ad-aware it finds a bunch of things and removes all, except one, the Win32.Trojandownloader.Zlob.  I ran Avast! virus scan and it found about 7 different malwares under the name Win32:WimAD-l (trj), and I've deleted them.  I'm new to this program, but pretty sure I did the full scan, I clicked "thorough scan", but it didn't seem to pick up the Win32.trojandownloader.Zlob though.  I'm still getting the pop-ups.

After the scan, it listed the infected files it had found/deleted, and also about 24 other things, saying it's "unable to scan: Archive is password protected".  Should I delete or leave these alone?  The File names are:

F:\DocumentsandSettings\AllUsers\...\sbRecovery.reg
F:\DocumentsandSettings\AllUsers\...\sbRecovery.ini
F:\DocumentsandSettings\AllUsers\...\Antivirus Scan.url

Thanks in advance for the help!!  :)


Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89335
  • No support PMs thanks
Re: Virus Win32.trojandownloader.Zlob, Please HELP!!!
« Reply #1 on: October 02, 2008, 01:35:02 AM »
First - Files that can't be scanned are just that, not an indication they are suspicious/infected, just unable to be scanned.

See http://forum.avast.com/index.php?topic=35347.msg297170#msg297170 this topic for more information on why files can't be scanned.

The first two in your list appear to be related to SpyBot S&D and would be legitimately protected. The third I don't know there is insufficient information, the \...\ means there is more information (concatenated) and you can expand the column width by left clicking on the column header whilst dragging the mouse to the right.

Secondly - Deletion isn't really a good first option (you have none left), 'first do no harm' don't delete, send virus to the chest and investigate.

What is the infected file names (of those found by avast), where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ? 
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section, this contains information on all avast detections.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.5.6116 (build 24.5.9153.762) UI 1.0.808/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security