Zolob

G

Guest

Hi, Just installed AntiSpyware (Beta). It finds the Zolob (Trojan downloder)
on my system and says it has fixed/deleted it but it does NOT actually delete
it. If I do anyther scan immediatly if finds it again and deletes it but its
still there. I have the latest definitions. Anyone reading this from
microsoft who can shed any light on why it finds it but cannot delete it.

Also the definitions in AntiSpyware (Beta) seem to pretty basic, other
AntiVirus software and Anti spyware products seem to pick up a lot more
instances.

Many Thanks, James
 
P

plun

Hi Engel and James

Zolob or Zlob is the carrier trojan for Spyfalcon,
Spywarestrike, spyaxe and so on. Often uses unpatched/
unprotected PCs. ie not updated antivirusprotection.

Use AndyMs removal:

Its another SpyAxe clone, Use Smitrem and Ewido to clean the system
then
finally Ccleaner to remove temp files:

Download SmitRem

http://noahdfear.geekstogo.com/click counter/click.php?id=1

Save it to your desktop,Double click Smitrem.exe to extract it to it's
own
folder on the desktop.

Please download, install, and update the trial version of ewido
security
suite

http://www.ewido.net/en/download/

When installing, under "Additional Options" uncheck "Install background
guard" and "Install scan via context menu". Click on update in the left
menu,
then click the Start update button. After the update finishes close
Ewido

Download Ccleaner

http://www.ccleaner.com/ccdownload.asp

Install then close.

Now reboot to Safe Mode - Restart your computer and immediately begin
tapping the F8 key on your keyboard.
If done right a Windows Advanced Options menu will appear. Select the
Safe
Mode option and press Enter.
To return to normal mode just restart your computer as you normally
would.

Open the smitRem folder, then double click the RunThis.bat file to
start the
tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.
The tool will create a log named smitfiles.txt in the root of your
drive,
eg; Local Disk C: or partition where your operating system is
installed.

When thats finished run Ewido again.

From the main menu click on 'scanner' then click 'Complete System Scan'
When ewido finds something, it will pop up a notification. Select
"Remove"
and check the boxes "Perform action with all infections" and "Create
encrypted backup" then click on ok.When the scan finishes, click on
"Save
Report" and save it to your desktop or c:/drive incase you need it
again.

Finally run Ccleaner and press the Run Cleaner Button to remove temp
files

Reboot Back To Normal Mode

This should fix your problems but if it continues just let us know and
post
back the scan logs (smitrem.txt & Ewido's scan log)

You will need to reload your wallpaper after this tool finishes, To
change
your wallpaper right click desktop and choose properties, Set the Theme
to XP
if you are running XP then goto the Desktop tab and choose your
wallpaper
from there.

Regards

Andy


regards
plun
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

it never finds any spyware 3
norton antivirus 2006 13
dumb question... 2
Norton AV conflict with cleaner.log? 2
Trojan.Startup.NameShifter.H 7
Norton Antivirus 2
No XP System Restore Point 2
Not a very efficient program for spyware discovery ! 4

Top