Zlob.DNSChanger trouble

Every time I run Spybot, I get the Zlob.DNSChanger and even though I remove it, every time I run it, I get the same problem. What do I do now?

I'm running WinXP. I also run:

Spybot
AdAware SE Professional
PestPatrol
CCleaner
Cleanup
Eset NOD32
SpywareBlaster
WinCleaner OneClick CleanUp
SpySweeper
TrojanHunter

I can't imagine, with all of this stuff, that garbage still gets through. I guess I lack suffient imagination and knowledge...lol.

Please help!

Thanks,
pansygirl

 

Well, there's a problem right away. I did exactly what you said to do with the SmithfraudFix zip. When I extract it, it refuses to extract the Process.exe file. Without it, the smithfraudfix.cmd will not run. Now what? I've completely deleted at and re-dowloaded and unzipped it with no success. Can't imagine what can be wrong. The error I get is: "Process.exe is missing!! Unzip all archives in a folder."

Also, I have paid versions of Pest Patrol and Spy Sweeper. I have uninstalled Pest Patrol and run CCleaner to remove everything. I still have Ad-Aware SE Professional installed and running, but it only runs when I turn it on.

Any ideas??

 

Ok, Here is the text log for step#1

Now, in order to get this done, I had to uninstall NOD32, SpySweeper, Pest Patrol. Also a note, I only use Adaware SE Professional to scan separately. I don't run Ad-Watch, it is not enabled.

I'm not going to do step #2, till I am sure this is done correctly.

Thanks,
pansygirl

 

Okie Dokie... here's the new rapport log:

After this is done, I need to reinstall NOD32 and one of the spyware software options. Do you recommend any of these?

Spyware Blaster
Pest Patrol

In my original post, I listed what I scan with, some daily and some weekly, except for the ones installed to run all of the time.


Thanks,
pansygirl

 

Ok, looks like everything is fixed. I'm running Spybot to to be sure, but so far all is looking ok. I'm not going to reinstall pest control or counterspy. I'll stick with SpySweeper, and have reinstalled that and NOD32.

Thanks so much for all of your help! I greatly appreciate it. I'm gonna make sure that my kids pcs are running the same things as mine, as we have 5 pcs on our lan.

Thanks again!
pansygirl

 

Hey Chas...

I ran a virus scan with NOD32 today and got the following report:

File C:\Documents and Settings\Linda\Desktop\SmitfraudFix.zip is infected with application Win32/PrcView. The file can be deleted. It is strongly recommended that you back up any crucial data before you proceed.

I've deleted it, but wanted to let you know that I downloaded this from the link that was sent in the email below. I am rescanning, but don't expect to find anything else, because I deleted the file and emptied the recycling bin. I had uninstalled NOD32, in order to download this file so I could clean out the other virus.

Just reporting the problem.

Thanks again for your help.
pansygirl

 

It's legit, that utility is flagged due to it's nature. There is no real problem to worry about.

You can delete anything that was used during your fixes including anything that was installed during the READ ME.