virus trojan zlob the slob - is it gone? how do I find out?

[Guest]

Hello! This all started a couple weeks ago - started getting a little icon
(an exclamation point) with a little box that would come up saying I had a
bunch of spyware....click this baloon - which took me to a download for some
anti-spyware that I'd never heard of. I did system scan w/ norton - found the
trojan.zlob. The little pop up balloon did not stop, so I looked up
trojan.zlob on the internet and ended up downloading and running Spyhunter
2.8 (Enigma Software Group) which seemed to solve the problem - but was
probably a big mistake. About a week later, I started having severe problems
with lack of space on the c drive - and another pop up balloon started coming
up and I thought it was part of this virus or something and ignored it for a
couple days. After driving me crazy long enough, I checked and sure enough I
had 0% left on my c drive. I went through a lot of crap just to defrag
(downloaded Ace Utilities, ERUNT, NTREGOPT, Registry Compactor). Through
another thread, I discovered that "J2SE Runtime Environment 5.0 Update 3" was
probably causing some of my problems and I removed it. In the past couple
days I have downloaded and ran in safe mode and normal mode the following:
McAfee Stinger, Trend Sysclean, Ad-Ware SE, Ccleaner, Spybot, Spyblaster,
Counterspy. Many found zlob and two of them pegged Spyhunter as having the
zlob in its backup - but how do I know it's all gone? I've followed all the
directions on the majorgeeks website "malware removal guide" but am a
computer idiot so I have not contacted them. I've also deleted all my IE
Temporary Files, cookies, history, form data, and passwords. I've also done
the disk cleanup and defrag a few times and have now been using the ccleaner
quite often. My concern is 1) Is it gone? 2) Did the virus have something to
do with me not having any room left on my c drive? and 3) I'm only back up to
a whole whopping 17% on the c drive and have nothing left to remove,
uninstall, delete - what else can I do?
Thanks so much for any help!

 

[venkat]

Once check with Prevx1 anti malware software. It is a powerful anti-
malware software.You can download it from the following site.

http://www.prevx.com/security.asp

If the above not works,then first scan the system with Bit Defender
Antivirus Plus then with Avira AntiVir PersonalEdition Classic.
Before using these softwares you have to uninstall your existing
antivirus.If
these softwares find any virus affected files remove them. But
becareful some programs may not work if you remove some virus
affected files. So I will suggest you to read completely the article
below on
Viruses then do experiment on your computer.

The article is:
http://technodata.blogspot.com/2007/03/if-your-floppy-drive-light-is-glowing.html

Also read the following article on how to use prevx1
http://technodata.blogspot.com/2007/03/prevx1-powerful-anti-malware-software.html

 

[Guest]

--
The definition of insanity is doing the same thing over and over and
expecting different results.....

Once check with Prevx1 anti malware software. It is a powerful anti-
malware software.You can download it from the following site.

http://www.prevx.com/security.asp

If the above not works,then first scan the system with Bit Defender
Antivirus Plus then with Avira AntiVir PersonalEdition Classic.
Before using these softwares you have to uninstall your existing
antivirus.If
these softwares find any virus affected files remove them. But
becareful some programs may not work if you remove some virus
affected files. So I will suggest you to read completely the article
below on
Viruses then do experiment on your computer.

The article is:
http://technodata.blogspot.com/2007/03/if-your-floppy-drive-light-is-glowing.html

Also read the following article on how to use prevx1
http://technodata.blogspot.com/2007/03/prevx1-powerful-anti-malware-software.html

I have to uninstall my AV or disable it? I don't know if I can get it back
if I uninstall it - no disc, downloaded it.

 

[Guest]

Hello! This all started a couple weeks ago - started getting a little icon
(an exclamation point) with a little box that would come up saying I had a
bunch of spyware....click this baloon - which took me to a download for some
anti-spyware that I'd never heard of. I did system scan w/ norton - found the
trojan.zlob. The little pop up balloon did not stop, so I looked up
trojan.zlob on the internet and ended up downloading and running Spyhunter
2.8 (Enigma Software Group) which seemed to solve the problem - but was
probably a big mistake. About a week later, I started having severe problems
with lack of space on the c drive - and another pop up balloon started coming
up and I thought it was part of this virus or something and ignored it for a
couple days. After driving me crazy long enough, I checked and sure enough I
had 0% left on my c drive. I went through a lot of crap just to defrag
(downloaded Ace Utilities, ERUNT, NTREGOPT, Registry Compactor). Through
another thread, I discovered that "J2SE Runtime Environment 5.0 Update 3" was
probably causing some of my problems and I removed it. In the past couple
days I have downloaded and ran in safe mode and normal mode the following:
McAfee Stinger, Trend Sysclean, Ad-Ware SE, Ccleaner, Spybot, Spyblaster,
Counterspy. Many found zlob and two of them pegged Spyhunter as having the
zlob in its backup - but how do I know it's all gone? I've followed all the
directions on the majorgeeks website "malware removal guide" but am a
computer idiot so I have not contacted them. I've also deleted all my IE
Temporary Files, cookies, history, form data, and passwords. I've also done
the disk cleanup and defrag a few times and have now been using the ccleaner
quite often. My concern is 1) Is it gone? 2) Did the virus have something to
do with me not having any room left on my c drive? and 3) I'm only back up to
a whole whopping 17% on the c drive and have nothing left to remove,
uninstall, delete - what else can I do?
Thanks so much for any help!

But I'm sorry, I'm not against NIS, but if NIS is infected by this Virus and
malfunctioning and sittings Ducks for the Zlob, then what the benefit of
having it or is it expired and you think it's presence may scare the fish?
<g>.
Try this steps, and if you got the NIS by download you can contact the NIS
website for help about how to download it again after cleaning your machine.
1... Click start >> Control Panel >> Double Click Network and Internet
Connections >> Double click Internet Options, on the IE Properties window
you will see these Options:
General | Security | Privacy | Content | Connections | Programs
| Advanced .

Click on General Tab (1st Tab on the left) and you will see a Button called
[ Clear History ..] click on it to clear your History caches, then click on
[Delete Files..] to delete Internet Files created over the time, click on [
Delete Cookies...] to delete your cookies left by visiting websites.

= Then try to Disable the Add-Ons on your Browser somehow installed on your
browser, On how to disable the Add-ons follow this:
Click on Programs Tab and then click the Manage Add-Ons Button there Disable
the None/Not Verified Plug-ins/Add-ons ( you need to Renable them one-by-one
later and see which is the culprit or you can send them here in your next
post) and click [OK] to confirm your Changes.

Click on Advanced Tab and scroll down under the browsing option and uncheck
this box:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) and click Apply
then OK to close your IE Properties.

2.... And also for malwares from here:
http://www.lavasoft.com/products/ad-aware_se_personal.php
http://www.safer-networking.org ; for Spybot S&D
Download and install after installing this software and
update then run a scan in both safe mode and normal:
http://free.grisoft.com/doc/5390/lng/us/tpl/v5
= Open the Windows
Explorer and locate this path:
C:\Windows\System32\drivers\etc = look in the Right Pane/window for this
file called the HOSTS file but not the one with the extension *.SAM* leave
this as is.
If you can't see it try to click Tools >> Folder Options and select show
Hidden files and folder, then right Click the Hosts file and select open with
Notepad.
There see any reference for that site and remove it, you Hosts file will
looks like this:
# 102.54.94.97 rhino.acme.com # Source server
# 38.25.63.10 x.acme.com # Client Host
127.0.0.1 LocalHost
------------------------------------------
Remove all other References other than those above.

Run disk Clean Up and Defrag in safe mode, then Open run command and type in:
sfc /scannow click [OK]
Note the space between sfc_/

If you still directed Download the Hijackthis and send the report to one of
many
forums for analysis and troubleshooting:
When all else fails, HijackThis v1.99.1
(http://aumha.org/downloads/hijackthis.zip) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware. Post
your log to http://aumha.net/viewforum.php?f=30,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7, or other appropriate
forums for expert analysis, not here.
HTH.
Let us know.
Regards,
nass