GeekPolice Tech TutorialsLog in

 

Share

descriptionSolvedalso a trojan.zlob.g problem

more_horiz
Hello,

My computer has been infected with the trojan.zlob.g virus. It will pop up randomly with a message informing me about malware installed on the computer etc. I hope that someone will be able to help me with this. Below is my hijacklog. Thanks so much

Last edited by jlbeerman2 on 8th December 2008, 5:58 pm; edited 1 time in total

descriptionSolvedRe: also a trojan.zlob.g problem

more_horiz
Hello.


  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O4 - HKCU\..\Run: [Smax4] "C:\Documents and Settings\John Beerman.BEERMAN.000\Application Data\Google\kjzna1562565.exe"



  • Press "Fix Checked"
  • Close Hijack This.


Delete this file in bold:
C:\Documents and Settings\John Beerman.BEERMAN.000\Application Data\Google\kjzna1562565.exe



  • Download combofix from here, use the top links - combofix.exe
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

descriptionSolvedRe: also a trojan.zlob.g problem

more_horiz
Thanks, here is my combofix log

Last edited by jlbeerman2 on 8th December 2008, 5:58 pm; edited 1 time in total

descriptionSolvedRe: also a trojan.zlob.g problem

more_horiz
Looks good, what problems remain?

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:

  • Download the latest version of Java SE Runtime Environment (JRE) 6 Update 11 .
  • Select the first option where it says "Java SE Runtime Environment (JRE) 6 Update 11".
  • Click the "Download" button to the right.
  • In the Window that opens, select your platform and language, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add or Remove Programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    - Examples of older versions in Add or Remove Programs:
    - Java 2 Runtime Environment, SE v1.4.2
    - J2SE Runtime Environment 5.0
    - J2SE Runtime Environment 5.0 Update 2
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u11-windows-i586-p.exe that you downloaded to install the newest version.
Please make sure the new version of Java is installed before you run JavaRa.

Please download JavaRa from here

  • First, unzip it.
  • Then run JavaRa.
  • Select English from the drop down menu and press Select.
  • This will open JavaRa.
  • Press Remove older versions
  • Press yes to the prompt.
  • It will make a log file of what it's removed.
  • Copy and paste the log back here.

descriptionSolvedRe: also a trojan.zlob.g problem

more_horiz
The problem seems to have gone away, thanks so much!

Last edited by jlbeerman2 on 8th December 2008, 5:59 pm; edited 1 time in total

descriptionSolvedRe: also a trojan.zlob.g problem

more_horiz
Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers. Goofy

1) Please navigate to http://windowsupdate.microsoft.com and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

Ad-Aware SE
A tutorial on using Ad-Aware to remove spyware from your computer may be found here .

Spybot-Search & Destroy
A tutorial on using Spybot to remove spyware from your computer may be found here . Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here .

SpywareGuard
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found here .

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
http://www.mozilla.org/products/firefox/
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
https://addons.mozilla.org/en-US/firefox/addon/722
https://addons.mozilla.org/en-US/firefox/addon/1865

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

5) Finally, consider maintaining a firewall. Some good free firewalls are Kerio , or
Outpost
A tutorial on understanding and using firewalls may be found here .

Please also read Tony Klein's excellent article: How I got Infected in the First Place

Hopefully this should take care of your problems! Good luck. Big Grin

descriptionSolvedRe: also a trojan.zlob.g problem

more_horiz
Thanks so much for all of your help, it is greatly appreciated :-)

descriptionSolvedRe: also a trojan.zlob.g problem

more_horiz
Since this issue is resolved, this topic is closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else, please open a new topic for your questions.
Permissions in this forum:
You cannot reply to topics in this forum