Homesteading Forum banner
1 - 7 of 7 Posts

·
Premium Member
Joined
·
2,019 Posts
Discussion Starter · #1 ·
Well.....I didn't take my own advice and now I have problems.:mad:

I went to a site I didn't know, to watch some TV programs.:croc:

IE went down & said a Trojan was detected. BUT my anti-virus software is expired:nono:.

So I downloaded AVG free edition. They find nothing but cookies. My IE keeps crashing in the mean time.

So should I take off my outdated Norton, Macefee and the new AVG and try Avast? ( I know you're not supposed to have 2 antivirus, but they will either be renewed or removed today:shrug:)

HEELLPP
 

·
Registered
Joined
·
293 Posts
You shouldn't have a problem with two except that they might detect each other as viruses. This isn't a "kill your competitor" thing, it's just based on the way they work, anti-virus works much like a virus itself. Don't take off your old virus stuff until you're absolutely sure. If need be, you can remove IE:

http://support.microsoft.com/kb/927177

and then reinstall it:

http://support.microsoft.com/kb/927177

In the meanwhile you can use Firefox:

http://www.mozilla.com/en-US/firefox/

Or you might decide to just switch over to Firefox altogether, it's all but identical these days. You will probably need to reinstall IE regardless. Whatever you do, don't bring it into GeekSquad at BestBuy. You'll end up paying $70-$100 for the privilege of them wiping your hard drive and selling you another one for $200.
 

·
Premium Member
Joined
·
2,019 Posts
Discussion Starter · #3 ·
Ok, it hasn't crashed in a few hours (well, it will sometimes say that it has encountered a Trojan and must close)

BUT - none of the anti virus programs have detected it!! I tried a new one for free, super antispyware, it did nothing but find more cookies.

The Trojan is zlob. Anyone know how to help for free? I can't get to town until Thursday.....:shrug:
 

·
Registered
Joined
·
387 Posts
Ok, it hasn't crashed in a few hours (well, it will sometimes say that it has encountered a Trojan and must close)

BUT - none of the anti virus programs have detected it!! I tried a new one for free, super antispyware, it did nothing but find more cookies.

The Trojan is zlob. Anyone know how to help for free? I can't get to town until Thursday.....:shrug:
Download and run adaware Here
Run it and remove its findings.

Then follow these steps.

Step 1 : Use Windows File Search Tool to Find Zlob Path
Go to Start > Search > All Files or Folders.
In the "All or part of the the file name" section, type in "Zlob" file name(s).
To get better results, select "Look in: Local Hard Drives" or "Look in: My Computer" and then click "Search" button.
When Windows finishes your search, hover over the "In Folder" of "Zlob", highlight the file and copy/paste the path into the address bar. Save the file's path on your clipboard because you'll need the file path to delete Zlob in the following manual removal steps.
Read more about How to Find Zlob with File Search Tool


Step 2 : Use Windows Task Manager to Remove Zlob Processes
To open the Windows Task Manager, use the combination of CTRL+ALT+DEL or CTRL+SHIFT+ESC.
Click on the "Image Name" button to search for "Zlob" process by name.
Select the "Zlob" process and click on the "End Process" button to kill it.
Remove the "Zlob" processes files:
msmsgs.exe
nvctrl.exe
msmsgs.exe
nvctrl.exe



Step 3 : Use Registry Editor to Remove Zlob Registry Values
To open the Registry Editor, go to Start > Run > type regedit and then press the "OK" button.
Locate and delete the entry or entries whose data value (in the rightmost column) is the spyware file(s) detected earlier.
To delete "Zlob" value, right-click on it and select the "Delete" option.
Locate and delete "Zlob" registry entries:
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsNTCurrentVersionWinlogonShell=explorer.exe
HKEY_LOCAL_MACHINE SoftwareMicrosoftWindows NT CurrentVersionWinlogonShell=explorer.exe, msmsgs.exeHKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunRegSvr32=%System%msmsgs.exe
HKEY_LOCAL_MACHINE SoftwareMicrosoftWindows CurrentVersionRunRegSvr32=%System%msmsgs.exe



Step 4 : Use Windows Command Prompt to Unregister Zlob DLL Files
To open the Windows Command Prompt, go to Start > Run > type cmd and then click the "OK" button.
Type "cd" in order to change the current directory, press the "space" button, enter the full path to where you believe the Zlob DLL file is located and press the "Enter" button on your keyboard. If you don't know where Zlob DLL file is located, use the "dir" command to display the directory's contents.
To unregister "Zlob" DLL file, type in the exact directory path + "regsvr32 /u" + [DLL_NAME] (for example, :C\Spyware-folder\> regsvr32 /u Zlob.dll) and press the "Enter" button. A message will pop up that says you successfully unregistered the file.
Search and unregister "Zlob" DLL files:
uimcu.dll
antzozc.dll
dtjby.dll



Step 5 : Detect and Delete Other Zlob Files
To open the Windows Command Prompt, go to Start > Run > type cmd and then press the "OK" button.
Type in "dir /A name_of_the_folder" (for example, C:\Spyware-folder), which will display the folder's content even the hidden files.
To change directory, type in "cd name_of_the_folder".
Once you have the file you're looking for type in "del name_of_the_file".
To delete a file in folder, type in "del name_of_the_file".
To delete the entire folder, type in "rmdir /S name_of_the_folder".
Select the "Zlob" process and click on the "End Process" button to kill it.
Remove the "Zlob" processes files:
uimcu.dll
antzozc.dll
dtjby.dll
dumpserv.com
zxserv0.com
vnp7s.net
Protect
RSA
ncompat.tlb
msvol.tlb
hp[X].tmp
msmsgs.exe
nvctrl.exe
dumpserv.com
zxserv0.com
vnp7s.net
%UserProfile%\Application Data\Microsoft\Protect
%UserProfile%\Application Data\Microsoft\Crypto\RSA
ncompat.tlb
msvol.tlb
hp[X].tmp


I've had to remove the infection before and it's annoying.
P.S. that information came form here
 

·
Registered
Joined
·
581 Posts
Hey mamahen,
I did the same thing yesterday after two years of no problems. Mine was "MS Antispyware 2009".. this one is a real pain and AVG found nothing. I also have Avast, so I ran it and it also found nothing. I got on another computer and found "Malwarebyte", its a free download and it got rid of it within 30 minutes. All I had to do was let it restart the computer [after a few clicks] and it was gone.
If you haven't had any luck yet, give it a try.
 

·
Registered
Joined
·
864 Posts
Hey mamahen,
I did the same thing yesterday after two years of no problems. Mine was "MS Antispyware 2009".. this one is a real pain and AVG found nothing. I also have Avast, so I ran it and it also found nothing. I got on another computer and found "Malwarebyte", its a free download and it got rid of it within 30 minutes. All I had to do was let it restart the computer [after a few clicks] and it was gone.
If you haven't had any luck yet, give it a try.
A good part of my daily work is in the computer security sector which involves working on 1000's of business computers and servers all over North America. I use Malwarebytes' for malware removal....and there are not enough superlatives to say about this great and free product (usual disclaimers apply).
 

·
Premium Member
Joined
·
2,019 Posts
Discussion Starter · #7 ·
Thanks for everyones help. We've been super busy (deer season, ya know!) I'm taking everyones suggestions. I'll let you know what happens
 
1 - 7 of 7 Posts
Top