Jump to content

Fake Trojan.Zlob.G and Perfect Defender 2009


Rick

Recommended Posts

Every time I start up and every couple of hours I get a popup that looks like it is an Official MS warning telling me I have the Trojan.Zlob.G virus. The only button is something about enabling firewall protection and it takes me to a page to purchase Perfect Defender 2009.

I also see the following every time I open IE:

Insecure Internet activity. Threat of virus attack

Due to insecure Internet browsing your PC can easily get infected with viruses, worms and trojans without your knowledge, and that can lead to system slowdown, freezes and crashes.

Also insecure Internet activity can result in revealing your personal information.

To get full advanced real-time protection for PC and Internet activity, register your antivirus software.

We recommend you to protect your PC now and continue safe Internet browsing.

Click here to get full advanced real-time protection and continue browsing.

Continue to this website unprotected (not recommended).

I have run the most up to date of the following apps which all report that my machine is clean:

Symantec AV Corp

Malwarebytes

SUPER Anti Spware

Ad-Aware

Spybot

I am currently running ESET Online AV scan.

Link to post
Share on other sites

Here is my mbam-log-2008-12-07 (16-05-17).txt file

Malwarebytes' Anti-Malware 1.31

Database version: 1467

Windows 5.1.2600 Service Pack 3

12/7/2008 4:05:17 PM

mbam-log-2008-12-07 (16-05-17).txt

Scan type: Quick Scan

Objects scanned: 55513

Time elapsed: 6 minute(s), 49 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

The ESET Online AV found the file kjzna1562565.exe in C:\Documents and Settings\Owner\Application Data\Google

I remember seeing other webpages stating that this file was responsible for the problems I am seeing so I started trying to kill it. I was unable to delete it directly and I found nothing in the registry that was calling kjzna1562565.exe or the dll in the same folder so I rebooted in safe mode and deleted the files from there. After a reboot, the problems are all gone!!! :angry:

I would like to know how the thing was being started and why I am not getting any errors after simply deleting the files but i am GLAD to have it gone.

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.