I
Iceman
Hie,
I'm on XP pro,use Norton antivirus 2006 and use IE for internet connection.
The problem is,a couple of days ago,my antivirus programme found
trojan.zlob.d on my laptop.however,it couldnt fully resolve it and said it
would quarantine it.
(The second last virus it found was trojan.spaxe but this was deleted so i
dont its the ccause of the problem.)
I've been having problems since, as my home page is been highjacked to
www.needupdate.com where it tells me my pc is under control of remote
computer 227.4.167.118 and that it is accessing Windows; Program
Files\Internet Explorer; My Documents and C:\ files.
It says i should click to download official anti-spyware software. (which i
havent done).
I have since run norton but it cant detect a virus now.
I've also tried avast,which didnt find anything.
I've tried deleting nvctrl.exe in Registry Editor,as i've seen on norton
website that related viruses of zlob.d ;i.e. versions e, f and g create this
value in the registry to run everytime i start IE.
I delete this value but as soon as come back i find it there again.
I've even tried deleting it with my computer in Safe mode but it reappears
soon as i start the internet (in normal mode).
There is wininet.dll in the same part of registry but i dont know if its
safe or not?
I read also that the trojan.zlob creates or copies a file called
mssearchnet.exe i think.i searched my pc and i DO have this file/folder but
dont know if its safe to delete or not?
I eventually turned to microsoft's Microsoft did find 3 viruses and 7 files
infected;it resolved 6 of the files but the 7th wasnt and i still have 1
virus according to microsoft;which is JS/loop i thnk.
i am having a terrible xmas bcoz of this problem and if someone can cheer me
up with a solution it would be very appreciated.
i am not techy so plz put things in 1,2,3 steps!
Sorry for long question but was trying to be as specific as possible.
Thanx in advance...
Since your long question calls for a long answer, I will simply refer you
to this thread:
http://groups.google.com/group/micr...&q=www.needupdate.com&rnum=2#c748c27fb6239635
Your shorter link is: http://tinyurl.com/c2456