We have that infernal Zlob trojan,
nothing else seems to remove it,
maybe we need to reload Windows?

Thanks.

rod wrote:
> We have that infernal Zlob trojan,
> nothing else seems to remove it,
> maybe we need to reload Windows?
>
> Thanks.
>
>
>

Reloading Windows with a clean install is the for sure way. Or you can
spend hours fighting with it and not knowing if there is anything else
that the apps you've used haven't detected.

Alias

"rod" wrote:

> We have that infernal Zlob trojan,
> nothing else seems to remove it,
> maybe we need to reload Windows?
>
> Thanks.


If the Restore Point not infected then you can.
Try and then run a scan and see if it all clear or still lurking and
infecting your restore points too.

Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315

Run a /thorough/ check for hijackware, including posting your hijackthis log
to an appropriate forum.

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_R...:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/...moving_Malware

When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use (in
conjuction with some other utilities). HijackThis will NOT fix anything on
its own, but it will help you to both identify and remove any
hijackware/spyware with assistance from an expert. **Post your log to
http://aumha.net/viewforum.php?f=30,
http://forums.spybot.info/forumdisplay.php?f=22,
http://spywarehammer.com/simplemachi...php?board=10.0, or other
appropriate forums for review by an expert in such matters, not here.**

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

rod wrote:
> We have that infernal Zlob trojan,
> nothing else seems to remove it,
> maybe we need to reload Windows?
>
> Thanks.

From: "nass" <(E-Mail Removed)>


| If the Restore Point not infected then you can.
| Try and then run a scan and see if it all clear or still lurking and
| infecting your restore points too.

Actually many forms of malware corrupt or disable the System restore cache.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

"David H. Lipman" wrote:

> From: "nass" <(E-Mail Removed)>
>
>
> | If the Restore Point not infected then you can.
> | Try and then run a scan and see if it all clear or still lurking and
> | infecting your restore points too.
>
> Actually many forms of malware corrupt or disable the System restore cache.
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

True, but some milke you out (??) first then start to be destructive and try
to hide and erase their footprint!
HTH,
nass
---
http://www.nasstec.co.uk

From: "nass" <(E-Mail Removed)>

| True, but some milke you out (??) first then start to be destructive and try
| to hide and erase their footprint!
| HTH,
| nass
| ---
| http://www.nasstec.co.uk

I don't understand :-(

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

"David H. Lipman" wrote:

> I don't understand :-(
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Meaning some viruses will not start to be destructive from the start of its
being loaded and excuted on the User machine.
Ex..Password stealers, Pop-Up/marketing Trojans (fake alert)/StartUp page,
Trojan dropper..etc
These viruses patterns not destructive at first, but rather resident program
sending data (Commands/Data packets) from and to the user machine to the
intruder server !!!

From: "nass" <(E-Mail Removed)>


| Meaning some viruses will not start to be destructive from the start of its
| being loaded and excuted on the User machine.
| Ex..Password stealers, Pop-Up/marketing Trojans (fake alert)/StartUp page,
| Trojan dropper..etc
| These viruses patterns not destructive at first, but rather resident program
| sending data (Commands/Data packets) from and to the user machine to the
| intruder server !!!

Yes, these types of malware do NOT want to give themselves away. They want to keep
performing their respective payload as long as possible.

However, how doe that tie-in with the system restore Cache ?

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

"David H. Lipman" wrote:

> From: "nass" <(E-Mail Removed)>
>
>
> | Meaning some viruses will not start to be destructive from the start of its
> | being loaded and excuted on the User machine.
> | Ex..Password stealers, Pop-Up/marketing Trojans (fake alert)/StartUp page,
> | Trojan dropper..etc
> | These viruses patterns not destructive at first, but rather resident program
> | sending data (Commands/Data packets) from and to the user machine to the
> | intruder server !!!
>
> Yes, these types of malware do NOT want to give themselves away. They want to keep
> performing their respective payload as long as possible.
>
> However, how doe that tie-in with the system restore Cache ?
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Back to the Old game Cat and Mouse Dave LOL