Trojan.Zlob.G Help!

[Bill Nichols]

I feel yall's pain... I'm recovering from a nasty infection by the Vandu virus. Had to reformat and reinstall WinXP. Thankfully, I have a backup of all my files

[She-Wolf]

Richard - all of you - I fix computers all the time and have had three or four computers infected with this particular stable of fake antivirus products. They are very well put together and will fool a lot of us because they actually use screens such as the Windows splash screen, a blue screen with a fake stop message on, and, as Richard has found, the security centre screen, to make you think the message is genuine and that you should buy that product - all fake. I manually remove all the files I can see are from them, most of which ( apart from straight installs) are in system32 in XP,but you have to be careful as not every file dated the same day and time will necessarily be part of the fake AV package. Also the registry keys and data need to be removed where recognised. However, on the parts that cannot be moved manually, either because you are denied access, even in safe mode, or because they reproduce the moment you have deleted them, I have found a useful little tool that has finished the job off. Possibly just running that tool will do the lot - I don't know.

It is called Malwarebytes Anti-M alware v 1.32 and you can download this latest version from http://www.malwarebytes.org/

ps it is free..

[rifleman13]

Man...

If you're going to download something, do a search for it first.
The first hint of trouble, DO NOT DOWNLOAD IT!

And...

If you're using Firefox, I suggest you add the add-on: The Web of Trust or WOT for short.

Saves a lot of time and energy identifying bad sites from the good ones.
Remember GREEN is GOOD, RED is BAD!

[CaptainHaplo]

its always smart to do things like turn off popups, set your browser AX controls restrictive, and don't download just because it "looks ok". Also remember - the windows security center will NOT EVER tell you to download new, non-microsoft products. It can remind you that your AV is out of date and should be updated, it can advise you that your OS has patches and such it should have - but these are reminders only, and are only relevant to programs you have already installed.

A side note on Symantec / Norton - their writups on security hazards are excellent. However their home protection software has become bloatware - which is sad. If their AV was not so resource intensive as it has become - then they would have remained at the top of the market.

They remain a powerful and very useful tool in enterprise situations however.

Try also anti injection program, just in case. There is also good way to do a virus or troian scan in Save mod (F8). Hope this is also helps

[She-Wolf]

Quote:

Originally Posted by rifleman13

Man...



If you're using Firefox, I suggest you add the add-on: The Web of Trust or WOT for short.

Saves a lot of time and energy identifying bad sites from the good ones.
Remember GREEN is GOOD, RED is BAD!

Rifleman, that is useful - didn't know about that one. I use XPL's Linkscanner Pro meself, because it actually stops stuff coming down, not only gives you guidance when you are browsing. There is a version of that included in AVG's free AV 8.0, but the standalone Linkscanner that I use you have to pay for - worth it to avoid all the sort of hassle fakeware gives you though

You need something like XPL, or WOT or Mcafee Advisor because you cannot otherwise know about these invisible threats until it is too late and you have something you do not want already parked on your drive..