5 replies to this topic

[Xylogeist]

Yesterday I wa infected by a "Zlob" also known as Vundo and I downloaded malwarebytes to get rid of it - it supposedly removed the "zlob" but at the same time I also had a rouge that was trying to get me to subscribe to "Rapid"antivirus" or something - I think malwarebytes removed that and the vundo is still on my pc - SpyHunter (a program you have to pay for but I wont pay for it to remove this Ill just use the scan) picked up the same "zlob" I had yesterday and it says that it is in "msiexec.exe" however I have scanned the only 2 "msiexec.exe" files with 3 different malware protection programs INCLUDING malwarebytes and found nothing - so now I downloaded another program you have to pay for and it says I have an infected registry key and the registry key (im guessing) is "msiexec" because there is a registry key with that labled in it - its under processes I believe. Im running malwarebytes again just to make sure but after almost an hour and a half it still hasn't picked anything up yet - do you have a recommendation on how to handle this sucker? It is making my computer a tad sluggish so I believe those other programs are not lying :-(

Any ideas?

[Xylogeist]

Sorry, but there doesn't seem to be an "edit post" button - I just ran a check with another "have to pay" program and it found that the registry key - "hkey_local_machine/software/productname/productid/" was infected. I opened "regedit" and found it but Im not sure if its safe to delete - Im running windows xp - can someone please go check and see if that file is there regularly and tell me if it is safe to delete?

[Hardhead]

Please follow the directions here and post in this forum here.

[Xylogeist]

Hmph, not being able to edit my pot is quite annoying :-/

Ok I found out that I could delete that registry key so I did - and thats one clean scan but on another scan by "SpyHunter" it says that I still have a "Zlob" which is infecting a file named "msiexec.exe" but can only find two files titled that and both are clean to most programs :-/

Any ideas?

[Hardhead]

Xylogeist, on Nov 22 2008, 11:52 AM, said:

Hmph, not being able to edit my pot is quite annoying :-/

Ok I found out that I could delete that registry key so I did - and thats one clean scan but on another scan by "SpyHunter" it says that I still have a "Zlob" which is infecting a file named "msiexec.exe" but can only find two files titled that and both are clean to most programs :-/

Any ideas?

There is a time limit for editing posts.
Yes,
You need to follow the directions above before you remove something you shouldn't.

[AdvancedSetup]

Yes, sorry about not being able to edit posts (you have a 2 minute time limit for editing) that was put in place due to some users editing logs and posts and removing important information long after the post was made that caused issues. This limit has become necessary due to such childish actions of others.

As for cleaning up your system you really should follow this information as said and someone will assist you in cleaning up your system.
It's not that it's anything magical it's just that we have much more experience than the average user does for cleaning this sort of stuff up.



Please read and follow the instructions provided here: Pre- HJT Post Instructions
When ready please post your logs here: Malware Removal - HijackThis Logs

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.