Somehow while I was online windows defender popped up with system32:Zlob.ANS trojan alert.
I have VISTA basic.
I've read the guides and numerous pages and was wondering if anyone can help.
I used spybot, got rid of some, superantispyware, got rid of some more (in safe mode), and lavasoft adaware found even more. What I'm wondering is, is it all gone?
I'll paste the juicy bit from adaware below, any help very much appreciated!! It said they're all deleted, but how can I tell for sure?
Unloading known modules during scan
Ignoring spanned files when scanning cab archives
Reanalyzing results after scanning before displaying results
Trying to unload modules prior to removal
Let Windows remove files currently in use at next reboot
Removing quarantined objects after restore
Deactivating Ad-Watch during scans
Writeprotecting system files after repairs
Include info about ignored objects in log file
Including basic settings in log file
Including advanced settings in log file
Including user and computer name in log file
Create and save WebUpdate log file
Databaseinfo
===========================
Version number: 129
Build Number: 0
Build Date and Time: 2008/10/09 17:55:27
Scan Statistics
===========================
Method: Smart
Scan tracking cookies.............................: On
Scan ADS filestreams..............................: Off
Item Scanned: 248292
Infections Detected: 26
Infections Ignored: 0
Scan detailed statistics
===========================
Type Critical Total
Process Scan....: 0 0
Registry Scan...: 24 24
Registry PE Scan: 0 0
Hosts File Scan.: 0 0
File Scan.......: 2 2
Folder Scan.....: 0 0
LSP Scan........: 0 0
ADS Scan........: 0 0
Cookie Scan.....: 0 0
File Hash Scan..: 0 0
Infections Found
===========================
Family Id: 1040 Name: Win32.Trojandownloader.Zlob Category: Malware TAI:10
Item Id: 300049964 Value: Root: HKU Path: S-1-5-21-1950044828-751392282-2033521614-1000\software\microsoft\internet explorer\searchscopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302}
Item Id: 300050288 Value: Root: HKU Path: S-1-5-21-1950044828-751392282-2033521614-1000\software\microsoft\windows\currentversion\ext\stats\{9034a523-d068-4be8-a284-9df278be776e}
Item Id: 300027635 Value: Root: HKU Path: .DEFAULT\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\funcodec.com
Item Id: 300027635 Value: Root: HKU Path: S-1-5-21-1950044828-751392282-2033521614-1000\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\funcodec.com
Item Id: 300027635 Value: Root: HKU Path: S-1-5-18\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\funcodec.com
Item Id: 300027636 Value: Root: HKU Path: .DEFAULT\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\gocodec.com
Item Id: 300027636 Value: Root: HKU Path: S-1-5-21-1950044828-751392282-2033521614-1000\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\gocodec.com
Item Id: 300027636 Value: Root: HKU Path: S-1-5-18\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\gocodec.com
Item Id: 300027637 Value: Root: HKU Path: .DEFAULT\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\gomyron.com
Item Id: 300027637 Value: Root: HKU Path: S-1-5-21-1950044828-751392282-2033521614-1000\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\gomyron.com
Item Id: 300027637 Value: Root: HKU Path: S-1-5-18\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\gomyron.com
Item Id: 300027639 Value: Root: HKU Path: .DEFAULT\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\inc-codec.com
Item Id: 300027639 Value: Root: HKU Path: S-1-5-21-1950044828-751392282-2033521614-1000\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\inc-codec.com
Item Id: 300027639 Value: Root: HKU Path: S-1-5-18\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\inc-codec.com
Item Id: 300027641 Value: Root: HKU Path: .DEFAULT\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\nmextensions.com
Item Id: 300027641 Value: Root: HKU Path: S-1-5-21-1950044828-751392282-2033521614-1000\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\nmextensions.com
Item Id: 300027641 Value: Root: HKU Path: S-1-5-18\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\nmextensions.com
Item Id: 300027646 Value: Root: HKU Path: .DEFAULT\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\the-codec.com
Item Id: 300027646 Value: Root: HKU Path: S-1-5-21-1950044828-751392282-2033521614-1000\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\the-codec.com
Item Id: 300027646 Value: Root: HKU Path: S-1-5-18\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\the-codec.com
Item Id: 300027647 Value: Root: HKU Path: .DEFAULT\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\web-codec.com
Item Id: 300027647 Value: Root: HKU Path: S-1-5-21-1950044828-751392282-2033521614-1000\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\web-codec.com
Item Id: 300027647 Value: Root: HKU Path: S-1-5-18\software\microsoft\windows\currentversion\internet settings\zonemap\escdomains\web-codec.com
Item Id: 300053124 Value: Root: HKU Path: S-1-5-21-1950044828-751392282-2033521614-1000\software\applications
Item Id: 700008131 Value: File: C:\ProgramData\Microsoft\Windows\Start Menu\Online Spyware Test.url
Item Id: 700008132 Value: File: C:\ProgramData\Microsoft\Windows\Start Menu\Antivirus Scan.url
Edited by tigerbalm, 09 October 2008 - 09:25 PM.
Sign In
Create Account
