Author Topic: Win32:Zlob-32 [Tri] in C:\hiberfil.sys  (Read 5507 times)

0 Members and 1 Guest are viewing this topic.

Offline rob24

  • Full Member
  • ***
  • Posts: 113
Win32:Zlob-32 [Tri] in C:\hiberfil.sys
« on: February 20, 2011, 02:58:18 PM »
Hi,

A boot time scan found Win32:Zlob-32 [Tri] with a threat severity as High, in C:\hiberfil.sys. It appears in the Scan results log along with the other threat that was found and chested successfully. I tried first to repair with was unsuccessful and then to Chest which was also unsuccessful, with a message to say the disc was full.

I can't see C:\hiberfil.sys in the Windows explorer nor in a Command Prompt window.

I understand this file is something to do with the Hibernation feature, which I do use, so I don't want to lose that facility.

Oh I should add that a full system scan afterwards produced no threats.

Any advice please??
« Last Edit: February 20, 2011, 02:59:53 PM by rob24 »
Intel Core i5 CPU 4 x 3200 Mhz, 8Gb DDR3 RAM, Windows 10 64 bit, Malwarebytes' Anti-Malware 1.6 free, Superantispyware.
Samsung S3 mobile with Avast Mobile Pro and on Lenovo tablet.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Win32:Zlob-32 [Tri] in C:\hiberfil.sys
« Reply #1 on: February 20, 2011, 03:02:30 PM »
Run a boot time scan with avast.
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

YoKenny

  • Guest
Re: Win32:Zlob-32 [Tri] in C:\hiberfil.sys
« Reply #2 on: February 20, 2011, 03:08:53 PM »
Did you modify any of avast! default scan Settings ???

You have to enable Windows to see hidden files and and folders:
http://www.bleepingcomputer.com/tutorials/tutorial62.html#winxp

Offline rob24

  • Full Member
  • ***
  • Posts: 113
Re: Win32:Zlob-32 [Tri] in C:\hiberfil.sys
« Reply #3 on: February 20, 2011, 03:29:23 PM »
Run a boot time scan with avast.
asyn

It was with a boot time scan that I found it this morning

Did you modify any of avast! default scan Settings ???

You have to enable Windows to see hidden files and and folders:
http://www.bleepingcomputer.com/tutorials/tutorial62.html#winxp
No, I didn't modify any default scan settings, well none that I've changed since installing Avast free 5.1.

I did that so I can now see the file in Windows Explorer. I scanned hiberfil.sys with the right click menu and no threats were found. Does that mean I can be sure I'm OK or should I check some other way?
« Last Edit: February 20, 2011, 04:08:42 PM by rob24 »
Intel Core i5 CPU 4 x 3200 Mhz, 8Gb DDR3 RAM, Windows 10 64 bit, Malwarebytes' Anti-Malware 1.6 free, Superantispyware.
Samsung S3 mobile with Avast Mobile Pro and on Lenovo tablet.

YoKenny

  • Guest
Re: Win32:Zlob-32 [Tri] in C:\hiberfil.sys
« Reply #4 on: February 20, 2011, 04:16:54 PM »
You should be OK.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Win32:Zlob-32 [Tri] in C:\hiberfil.sys
« Reply #5 on: February 20, 2011, 04:19:04 PM »
1. It was with a boot time scan that I found it this morning
2. Does that mean I can be sure I'm OK or should I check some other way?

1. Sorry, I missed that.
2. If you fear an infection you can run free Mbam. (http://www.malwarebytes.org/mbam.php)
- update it before scanning..!!!
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline rob24

  • Full Member
  • ***
  • Posts: 113
Re: Win32:Zlob-32 [Tri] in C:\hiberfil.sys
« Reply #6 on: February 20, 2011, 04:25:17 PM »
1. It was with a boot time scan that I found it this morning
2. Does that mean I can be sure I'm OK or should I check some other way?

1. Sorry, I missed that.
2. If you fear an infection you can run free Mbam. (http://www.malwarebytes.org/mbam.php)
- update it before scanning..!!!
asyn

OK thanks yes I'll do that once the very slow BitDefender online scanner starts actually scanning!
Intel Core i5 CPU 4 x 3200 Mhz, 8Gb DDR3 RAM, Windows 10 64 bit, Malwarebytes' Anti-Malware 1.6 free, Superantispyware.
Samsung S3 mobile with Avast Mobile Pro and on Lenovo tablet.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Win32:Zlob-32 [Tri] in C:\hiberfil.sys
« Reply #7 on: February 20, 2011, 04:28:17 PM »
OK thanks yes I'll do that once the very slow BitDefender online scanner starts actually scanning!

You're welcome..!
Btw, forget the BD scan. ;)
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline rob24

  • Full Member
  • ***
  • Posts: 113
Re: Win32:Zlob-32 [Tri] in C:\hiberfil.sys
« Reply #8 on: February 20, 2011, 06:35:54 PM »
OK thanks yes I'll do that once the very slow BitDefender online scanner starts actually scanning!

You're welcome..!
Btw, forget the BD scan. ;)
asyn


Yup I cancelled the BitDefender - seemed to be doing nothing. Malwarebytes clean but then I never finds anything. Ah well.
Intel Core i5 CPU 4 x 3200 Mhz, 8Gb DDR3 RAM, Windows 10 64 bit, Malwarebytes' Anti-Malware 1.6 free, Superantispyware.
Samsung S3 mobile with Avast Mobile Pro and on Lenovo tablet.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Win32:Zlob-32 [Tri] in C:\hiberfil.sys
« Reply #9 on: February 20, 2011, 06:53:06 PM »
Malwarebytes clean but then I never finds anything. Ah well.

Clean is good..! ;)
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0