Some questions about Zlob and SP2

Discussion in 'Malware Help (A Specialist Will Reply)' started by Norgates, Sep 14, 2009.

  1. Norgates

    Norgates Corporal

    I've been working on a comp that has XP but without any of the Service Packs and without any antivirus or firewall. I decided to first install Avira and run it, but during the installation, it broke off the installation with a blue screen and crashed the comp. So I went looking for malware with MalwareBytes which found some Zlob files. I had MB fix these and then reinstalled Avira, which worked successfully. I updated it and ran it and it found a couple more trojans which I had it fix. I then worked to get the Windows Updates to run and got SP2 downloaded and installed. After that I wanted to clean up some of the startup items with HJT and found some Zlob files that were listed as (file missing), so I decided to run Smitfraud Fix. Smitfraud Fix found that there was still a Zlob infection present, so I went into safe mode and had it fix it. When I got back to the desktop, there was no wallpaper or screen saver.

    I wanted to ask if I could redo these steps in a way that would allow me to save the original Vaio wallpaper. Also, I wanted to ask if the reason for not putting SP2 onto an infected computer is because it might not be a successful installation? Or is it because the infected files might become incorporated into the SP?

    If I went back to a restore point and did this all over, would the results be any better than they are now? At the moment, the computer is clean and working and at SP2, just the wallpaper is missing.

    And finally, I had a question about Avira. When the computer is loading everything, there's a fairly long time before Avira's umbrella opens up. Does this mean the computer is vulnerable during this time? The firewall seems to load as the very last thing. Does this mean that the computer doesn't have a connection to the internet until everything has been loaded during the startup process? Or is there a stretch of vulnerability during that time?

    Thanks very much for your help.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The wallpaper was not deleted. Just reselect what you want.

    Depending on the infection, it could corrupt the installation and potentially even make it unbootable.

    System Restore is not a 100% backup of everything so the answer is unknown. You could just restore what you did on your own with HijackThis and run our cleaning procedure and post your logs to get help.

    Yes, but this is no different than any AV. They all take a long time to fully hook in. And then some even take tons of system resources and slow down startup while doing this. AVG, McAfee, Norton are a few examples.

    What firewall?
     
  3. Norgates

    Norgates Corporal

    Sorry it's taken a while to get back to you and thanks for the answers.

    SP2 installed correctly and booted fine. Didn't have any problems with that and the computer's working fine, so I don't want to go back. I guess the main problem now is that a few of the restore points may have Zlob remnants in them, however, there have been several new restore points since then. Is there any way to selectively delete restore points?

    Zone Alarm
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The way to remove restore points is to disable system restore and then re-enable it. This removes ALL restore points and creates a new one to start fresh.

    You can use a program like the one below to manage which programs start in which order:

    StartRight
     
  5. Norgates

    Norgates Corporal

    Thanks. The computer goes on ... (to be continued in the software forum)
    :D
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
