Anyone familiar with this bug?

Discussion in 'Malware Help (A Specialist Will Reply)' started by Karkas, Apr 12, 2009.

  1. Karkas

    Karkas Private E-2

    C:\WINDOWS\system32\userinit.exe - Win32/TrojanDownloader.Zlob.CZG trojan.

    This was found by Eset - Nod32 on my father-in-law's rig. Nod 32 says it cant remove, I've also tried removing with Windows MRT & hijack this. It is still active in safe mode. I've tried googling and simply get very little results. I'm about to just reformat & reinstall.

    I'm hoping someone here maybe has a tip or two? This is the 1st virus I've had to remove since I seem to be able to avoid them.

    Thanks in advance!
     
    Karkas, Apr 12, 2009
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    That is a legit file--> the question would be whether it is infected or not. You do not want to remove it.

    You can copy the file from your i386 folder back to the sys32 folder and see if that solves it.

    But there is the possibility that other system files are infected so I would suggest you do the READ & RUN ME FIRST. Malware Removal Guide
     
    TimW, Apr 15, 2009
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds