Zlob.trojan
I am haveing a problem removeing the last parts of this Zlob infection mainly becauase i can not locate them I am running Bitdefender 2008 and it is fully updated but i cant find them so ui have gone ahead and deleted tthe hard way by hand and useding som eother trial versions of spyhunter 3 and such however i am still haveing problems with several files in the system Reg here are the locations and any help would be appeciated
computer is a windows vista 32 bit
opject name is Zlob.trojan
item name is IE safety Features
HKLM\Software\microsoft\windows\currentversion\uninstall\ie safety features
Item Name is Information center
.. ..\information center
item name is {69b98c68-d2b8-4a4e-9cb7-e85b6f3a7014}
HKCR\CLSID\{69b98c68-d2b8-4a4e-9cb7-e85b6f3a7014}\InprocServer32
.. ..\******
Item Name is{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}
HKCU\Software\microsoft\internet explorer\searchscopes\{D3DEE18F-DB64-4BEB-9FF1- E1F0A5033E4A}\displayname
.. ..
.. .. \URL
Along with 2 other locations anyone have a clue how to access these areas or if bitdefender could be made to locate these problem and do the work its self it would be nice. the areas already deleted by hand were
c:/program files/video codec/......
Comments
-
OK i have found a way to remove the information center and ie safety features cant seem to find the others or find a way to automaticly remove them i also have been searching for the file that installed the virus i have never been so dumb but after i scanned it with ditdefedner and it said it was clean i was like umm ok it must be legit
after the install when IE opened it would move me over to ahomepcsafety.com
and it would attempt to alter my homepage but i would never allow it to do that(vista option)
then it would claim i have a virus(duh) and say iwould buy a proglem to clean it(duh)
I looked up the problem online and this is the best information i could come up with
from http://www.pcontech.com/ahomepcsafety.com-remove.htm
ahomepcsafety.com, ahomepcsafety.com hijacker, ahomepcsafety trojan
Danger Level
Risk Level
Very High Risk - Extremely dangerous Spyware. ahomepcsafety.com Uses stealth installation, randomly named entries and has the capability to self update or Restore after incomplete removal. Very hard to remove manually. Removing by free software or Re-Name the Dll file of ahomepcsafety.com cannot decrease the Privacy Risk, because it uses stealth installation method.
System Affected
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP & Window Vista.
Symptoms
Pop up balloon warning messages claiming that your PC is infected. ahomepcsafety.com's Examples are:
"Critical System Error",
"Your computer is infected",
"Trojan-Spy.win32@mx",
"Virus Alert",
"Security Alert"
"System Alert" or
"Spyware.Cyberlog-X" infections..
Hijacked homepage to ahomepcsafety.com webpage.
Flashing icons appear on your system tray (Near of your system clock).
Automatic installation of Rogue/Fake antispyware applications such as, VirusProtectPro, MalwareBurn, VirusRanger and something like this.
Screenshot of Homepage Hijacker
Screen shot of system tray popup
Manual Removal Process - ahomepcsafety.com
Note:- This is a Internet Browser hijacker so it doesn't matter which removal process you are going to remove the ahomepcsafety.com hijacker, whether you use "Manual Removal" or use "Automatic Removal" , Just remove it ASAP!
(A) Kill ahomepcsafety.com Running Process. [if Exists]
How to kill Running Process
* isamini.exe,
* isamonitor.exe ,
* pmmon.exe ,
* pmsngr.exe ,
* iesuninst.exe ,
* isamini.exe ,
* isamonitor.exe
(
Unregister ahomepcsafety.com DLL file [if Exists]
How to Un-Register Dll file
* gtawclv.dll
* vjxwnn.dll
* khtbpdl.dll
* cfqbw.dll
* fdpzgi.dll
* vmlwp.dll
* veptlh.dll
Important Notice : - veptlh.dll (or like this) is a essential component of ahomepcsafety.com spyware, which is very dangerous for your privacy and security. If you are really serious about protecting your computer, we strongly recommend you to scan your computer and eliminate possible threats.
Download Removal Tool
© Remove/Modify ahomepcsafety.com Registry Entries [if Exists]
Click Start > Run.
Type regedit
Then click OK
How to Remove/Modify Registry Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70d17a5f-ef27-4295-90f5-20ad6f24834f}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80ced3d6-ece9-48ba-8df8-2503d8d87c2b}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Messenger Service
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D61D7E1A-6613-49CA-B6F9-51DB248E209D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper objects\{D61D7E1A-6613-49CA-B6F9-51DB248E209D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Security Plug-in
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Secure Bar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa6d4f53-4c8d-4549-84d2-02d584acc4e9}
This spyware has ability to modified and damage your legitimate registry entries. You should try this free scan to analyze your Registry Health!
DOWNLOAD FOR FREE SCAN
(D) Search and delete these ahomepcsafety.com Related Files [if Exists ]
* isamini.exe
* isamonitor.exe
* pmmon.exe
* pmsngr.exe
* iesplugin.dll
* iesuninst.exe
* isaddon.dll
* Online Security Guide.url
* Security Troubleshooting.url
* Online Security Guide.url
* Security Troubleshooting.url
* pmmon.exe
* pmsngr.exe
* pmuninst.exe
* gtawclv.dll
* vjxwnn.dll
* khtbpdl.dll
* cfqbw.dll
* fdpzgi.dll
* vmlwp.dll
* veptlh.dll
This is about all i could find i hope it helps someone0
