Virus software detects threat - HijackThis log included

[Renold]

Hello,
Recently I have been getting messages telling me that I have been infected with Downloader.Zlob.Li. I'm not sure whether or not my computer is still infected. I am posting my Hijack-This logfile. Can anyone tell whether or not I am still infected with Zlob, or if I have any other infections? If so, could someone guide me through the removal process?

Thank you in advance.

 

[Daveskater]

You can have HJT fix these entries because tehy have been deactivated:

O2 - BHO: (no name) - {40C266CA-3132-4B3A-9CCC-D36D3AF37812} - C:\WINDOWS\system32\jkhfe.dll (file missing)

O20 - Winlogon Notify: vtuvwtq - vtuvwtq.dll (file missing)

O20 - Winlogon Notify: winful32 - winful32.dll (file missing)

If you think you may still be infected, read this thread If your system is infected, read this before deciding whether to Clean or Format.

If you decide to clean your system, follow these instructions Virus/Spyware/Malware, preliminary removal instructions and post fresh HJT, Combofix, and AVG Antispyware logs as attachments to this thread as well as the result of the Panda Antirootkit scan.


This thread is for the use of Renold only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Renold]

Logs

I have completed all steps of the Virus/Spyware/Malware, preliminary removal instructions. The Panda Antirootkit scan discovered 1 unknown rootkit.
The results of the Panda Antirootkit scan described the rootkit as follows:

CATSEXPN.: Zone.Identifier
HIDDEN: TRUE
IS_ADS_DIRECTORY: FALSE
HIDDEN_FILES: 1
IRP_HOOK: 1

I have included fresh HJT, Combofix, and AVG Antispyware logs as attachments, as well as the results of the Panda Antirootkit scan. Does everything seem ok?

Thank you for your help.

 

[Daveskater]

Your HJT log looks clean.

Panda AntiRootkit has built in cleaning functions to remove the Rootkit. Run a new scan and tell it to clean anything that it finds, then run a full scan with the online scanner in step 3 of the preliminary removal instructions.


This thread is for the use of Renold only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.