TechSpot

Help Removing Trojan.Zlob-X.a (HijackThis log attached)

By ball8mj
Dec 2, 2007
  1. Hey, I read the instructions on posting the HijackThis log so its attached.
    PLEASE I really need to get rid of this Trojan.Zlob-X.a
    It is the most annoying thing EVER!! :(
     
  2. Jase123

    Jase123 Banned Posts: 1,012

    Hi ball8mj, Welcome to Techspot![​IMG]

    My name is Jason, on these forums I am known as Jase123. I will be helping you with your current problem.

    HiJackThis logs do take some time to review and research. I would appreciate it if while you are waiting, you could please do the following for me:

    Please make an Uninstall List using HiJackThis.


    To access the Uninstall Manager you would do the following:

    • 1. Start HijackThis
      2. Click on the Config button
      3. Click on the Misc Tools button
      4. Click on the Open Uninstall Manager button.
      5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here in a reply.

    As we work together to resolve your problem, please read these instructions carefully. You may wish to print them off or copy them to Notepad.

    Lastly, please keep these points in mind:
    • If you have questions, please DON'T hesitate to ask!
    • The instructions I give are specific to your current problem and should not be used on other systems.
    • Please post your replies only to this topic, and please DO NOT start a new thread.
    • Since there may be multiple issues with your system, please continue to follow this thread until I have given you an "All Clean!"

    I am reviewing your log now, and will be back with you shortly. Thank you for your patience.
     
  3. Jase123

    Jase123 Banned Posts: 1,012

    Your HJT log seems clean - please do the following;

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

    Also, let me know the results of the Panda Antirootkit scan.


    Regards Jason :)
     
  4. ball8mj

    ball8mj TS Rookie Topic Starter

    HijackThis Uninstall List

    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe ExtendScript Toolkit 2
    Adobe Flash Player ActiveX
    Adobe Flash Player Plugin
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Linguistics CS3
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Photoshop CS3
    Adobe Reader 8.1.1
    Adobe Setup
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    AOL Instant Messenger
    Apple Mobile Device Support
    Apple Software Update
    avast! Antivirus
    Browser Optimizer Adssite
    Call of Duty(R) 2
    Combined Community Codec Pack 2007-07-22
    DeskScapes
    DivX Codec
    DivX Player
    GTA San Andreas
    Half-Life 2: Episode One
    Half-Life 2: Episode Two
    HijackThis 2.0.2
    iTunes
    J2SE Runtime Environment 5.0 Update 3
    Java(TM) 6 Update 2
    Java(TM) 6 Update 3
    LimeWire 4.12.11
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Visual C++ 2005 Redistributable
    Mozilla Firefox (2.0.0.9)
    NETGEAR WG111v2 wireless USB 2.0 adapter
    Oblivion
    Oblivion - Knights of the Nine
    Oblivion - Orrery
    Oblivion - Spell Tomes
    Oblivion - Thieves Den
    Oblivion - Vile Lair
    Oblivion - Wizard's Tower
    PDF Settings
    Portal
    QuickTime
    Rightonadz Browser Optimizer
    Security Update for Excel 2007 (KB936509)
    Security Update for Office 2007 (KB934062)
    Security Update for Office 2007 (KB936514)
    Security Update for Publisher 2007 (KB936646)
    Security Update for the 2007 Microsoft Office System (KB936960)
    Steam
    Team Fortress 2
    Update for Office 2007 (KB932080)
    Update for Office 2007 (KB934391)
    Update for Office 2007 (KB934393)
    Update for Outlook 2007 (KB937608)
    Update for Outlook 2007 Junk Email Filter (kb943559)
    Update for Word 2007 (KB934173)
    Viewpoint Media Player
    Windows Media Player Firefox Plugin
    WinRAR archiver
    Xfire (remove only)
    XP Codec Pack
     
  5. Jase123

    Jase123 Banned Posts: 1,012

    Please could you follow my instructions in post #3.

    Regards Jason :)
     
  6. ball8mj

    ball8mj TS Rookie Topic Starter

    stuck

    Hi, i've been stuck on Step 10 - tool 1 (Smitfraudfix)
    Each time i try to delete infected files by typing 2 into the command prompt all my desktop icons disappear and the start bar...
    Maybe because I'm not rebooting in safe mode, I don't know how to reboot in safe mode on Vista.
     
  7. Jase123

    Jase123 Banned Posts: 1,012

    When you've ran the tool you need to boot into safe mode.

    To get into the Windows Vista Safe mode, as the computer is booting press and hold your "F8 Key" which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode" and press your Enter key.

    Note: With some computers if you press and hold a key as the computer is booting you will get a stuck key message. If this occurs, instead of pressing and holding the "F8 key", tap the "F8 key" continuously until you get the startup menu.

    Regards Jason :)
     
  8. ball8mj

    ball8mj TS Rookie Topic Starter

    On step 11 when I try to run the PAVARK.exe file it says "Operating Syatem not supported"
     
  9. Jase123

    Jase123 Banned Posts: 1,012

    Yes - you need to use the AVG Antirootkit program as the Panda antirootkit isn't compatible with Windows Vista.

    Regards Jason :)
     
  10. ball8mj

    ball8mj TS Rookie Topic Starter

    3 logs

    Hey, I completed all the instructions so the 3 logs are attached
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...