trojan zolab

[stubev]

Hi
Sorry to be a pain on my 1st post........but...........I have inherited a nasty peice of work on my machine which gets picked up as downloader trojan zolab which seems to be trying to get me to install various spyware progs.
Along with its anoying pop ups and attemps to tell me that various ip addresses have gained control of my machine it is becoming a right pain in the neck. I have tried all the varoius spyware removal progs which pick it up but are obvoiusly missing something as it is always back after a reboot.
I have never had any problems with spyware before so this is a bit new to me

Dont suppose you guys/girls have any ideas.


Here`s hoping
Stu

 

[gabriella]

Hi Stu

Can you give us some more info: what AV/AS are you using and what have you tried so far to remove the nasty one??

Once we know a bit more we can take it from there.

Gabs x

 

[stubev]

HI,
Sorry, I`m using avg7 pro and xoftspy, and i`ve also installed and ran MS spyware beta, spybot,spywareblaster plus a couple of others in the hope that...........with no luck.........I have a permanent pop up eminating from a auto update icon in the systray (which i assume it has just nicked the icon) that says my computer is infected, if I click on this it tries to install a prog called spyware striker.

hope this helps

stu

ps just checked avg`s virus vault and it says its filename is gdnFR2296[1].exe

 

[gabriella]

Ok, Spyware Striker = adware. Can I suggest you download/run/scan with Adaware as a starter for 10. Let us know how u get on with that.

Gabs xx

 

[Me__2001]

seeing as you've tried most of the reccomended scanners, do they try to remove it but it always returns ?

you might want to try disabling system restore and booting into safe mode, then trying again

 

[stubev]

Cheers, I think your right,

Just given adaware a shot at it, and like the rest, it picks it up ok but then as soon as it has cleared it, its back like a rat up a drainpipe.

As you say, I`ll boot into safe mode offline and give it a whack.........A job for tommorow

Many thanks all

Stu

 

[whiskybane]

If clearing it in Safe Mode doesn't do it, download Hijack This. It will scan your registry and give you a log file, it then has tons of help and links to help you remove the offensive ******* manually. Good Luck.

 

[gabriella]

Please can I offer some words of advice - unless you REALLY know what you are doing HJT is to be used by experienced users only. There are some specialised sites who will take you through a HJT log step by step and help remove the offending nasties. BUT are we there yet??

I can give you a link to a specialised HJT forum if you need this.

Gabs xx

 

[Canes Venatici]

Have you tried Ewido Security suite? - Picks up an amazing load of junk! - Grab yourself it today!