Fighting win32.trojandownloader.zlob.AAC

Discussion in 'Malware Help (A Specialist Will Reply)' started by mattinsocal8911, Oct 11, 2006.

  1. mattinsocal8911

    mattinsocal8911 Private E-2

    Hi there my name is Matt,
    I am currently fighting the virus/malware(?) named trojandownloader.Zlob.AAC or AAN according to bitdefender...F-Secure names it zlob.cy and Win32.trojandownloader.zlob by some other scanner.
    I have read and run the scans in the "READ & RUN ME FIRST" post. At the time of infection my virus scanner and Spybot S&D plus other scanners fought valiantly and won the battle; however, certain clues have been popping up that I am not clean (i.e. strange web pages occurring in searches, and my homepage was hijacked at least once).
    Moving to the READ & RUN ME results, most scans turned up clean except for BitDefender (contaminated restore points), which was unable to remove the offender.:eek: I believe there is a removal procedure for the trojan given on your site and I am commencing with that soon.
    I think it would be wise to upload some results at this time, and here they are if I can get it right......
    Bitdefender scan results
    Panda active scan results
    shownew
    runkeys
    hijackthis

    thanks for all your help.
     


  2. mattinsocal8911

    mattinsocal8911 Private E-2

    Here are the runkeys and HijackThis logs and another BitDefender scan if you can use it; it's in HTML format (the other BitDefender log is corrupted?). Oops, can't upload HTML format, will run another BitDefender scan tonight. Ciao
     


  3. matt.chugg

    matt.chugg MajorGeek

    You need to just rename the HTML BitDefender log to bdscan.txt and upload it.
     
  4. mattinsocal8911

    mattinsocal8911 Private E-2

    OK, renamed to bdscan.txt and got a warning that it may become unusable if I rename, but renamed anyway and uploaded. BTW, I could not get into safe mode for the scans, as I have got stuck there for a week on the other puter, and I tried the F8 method on this puter with no success. I am doing special procedures for removal but can't use safe mode for that either.:eek:
    bye now
     


  5. mattinsocal8911

    mattinsocal8911 Private E-2

    To Whom it may concern,
    Friday night events:
    1. Researched why I can't get to safe mode (NERO WON'T LET ME = DUMP NERO)
    2. Used Spyquake/Spyfalcon removal procedure; about half way through got tired and quit. Returned to NORMAL mode and got a (near?) fatal error = RECOVERED FROM A NEAR FATAL ERROR, that's approximately what it said. OK, quick game, then discovered Charter HS internet security suite was malfunctioning - no tray icon..
    Saturday morning events
    1. Can't get Charter suite to scan because it says "F-Secure crash detected",
    but I think its firewall is functional. TS guide says to reinstall suite.:mad:
    note I am not mad at you guys. If anything I should be mad at the virus.
    2. Planning on resuming spyware scanning with spyquake then following advice given to "the canadian" as well as others in effort to speed up disinfection.
    Question: would it not be quicker to format the drive and reinstall Windows plus the few games I have on this puter??? Yes, I am thinking that may be a viable option, plus I get a fresh install to boot.........
    I will try to keep you (or whoever updated) bye now..
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please explain what you mean! Many hundreds of people coming here have Nero and do not have problems getting into safe mode. I also have Nero on many PCs and have no problems either.

    SpyQuake/SpywareQuake are rogue antispyware tools. You should not be using it. Uninstall it if you have this installed.
     
  7. mattinsocal8911

    mattinsocal8911 Private E-2

    Thanks for any and all help. Guess my last post was deleted.
     
  8. mattinsocal8911

    mattinsocal8911 Private E-2

    All I know right now is I may have an outdated version of In-CD (from Nero)
    which may be causing my problem and maybe I need to update the In-CD program. If you can help I would appreciate it and again thanks for all the great help.
    PS the other program is gone.:)
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    This is the Malware Removal Forum. We cannot help you with an outdated version of Nero. You will have to buy a new copy if that is your problem.

    You do have a few things that need to be removed. They seem to be leftover from a Smitfraud type of infection.

    Delete the below files:
    C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url
    C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url
    C:\Documents and Settings\All Users\Desktop\Online Security Guide.url
    C:\Documents and Settings\All Users\Desktop\Security Troubleshooting.url

    Now locate the below folder and delete it if found:
    C:\Program Files\SoftCodec

    Also delete all files in the below folders except ones from the current date (Windows will not let you delete the files from the current day).
    C:\WINDOWS\Temp
    C:\Documents and Settings\Mr. Solorio\Local Settings\Temp


    Now uninstall the below old versions of software:
    J2SE Runtime Environment 5.0 Update 6

    Now install the current version of Sun Java from: Sun Java Runtime Environment

    Now attach the below new log and tell me how the above steps went.

    1. ShowNew
    Make sure you tell me how things are working now!
     
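As an added example (not part of the thread, and not chaslang's own procedure), the cleanup steps above can be turned into a PowerShell script that first reports which of the listed Smitfraud leftovers are present and only deletes them when run with -Remove. The paths are the ones quoted in the post; the user temp folder is passed as a parameter because it depends on the account name.

```powershell
# Added example: checks for the Smitfraud-style leftovers listed in the post and
# the temp folders, reports what is present, and removes them only with -Remove.
param(
    [switch]$Remove,
    # Assumption: the profile temp folder named in the post; adjust for your account.
    [string]$UserTemp = 'C:\Documents and Settings\Mr. Solorio\Local Settings\Temp'
)

$leftoverFiles = @(
    'C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url',
    'C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url',
    'C:\Documents and Settings\All Users\Desktop\Online Security Guide.url',
    'C:\Documents and Settings\All Users\Desktop\Security Troubleshooting.url'
)
$leftoverFolder = 'C:\Program Files\SoftCodec'
$tempFolders    = @('C:\WINDOWS\Temp', $UserTemp)

# 1. Rogue "security guide" shortcuts dropped by the infection
foreach ($f in $leftoverFiles) {
    if (Test-Path -LiteralPath $f) {
        Write-Host "FOUND  $f"
        if ($Remove) { Remove-Item -LiteralPath $f -Force }
    } else {
        Write-Host "absent $f"
    }
}

# 2. Fake codec folder
if (Test-Path -LiteralPath $leftoverFolder) {
    Write-Host "FOUND  $leftoverFolder"
    if ($Remove) { Remove-Item -LiteralPath $leftoverFolder -Recurse -Force }
} else {
    Write-Host "absent $leftoverFolder"
}

# 3. Temp folders: skip anything written today, since the post notes that
#    Windows will not let you delete files from the current day.
$today = (Get-Date).Date
foreach ($dir in $tempFolders) {
    if (-not (Test-Path -LiteralPath $dir)) { continue }
    Get-ChildItem -LiteralPath $dir -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.LastWriteTime -lt $today } |
        ForEach-Object {
            Write-Host "temp   $($_.FullName)"
            if ($Remove) {
                Remove-Item -LiteralPath $_.FullName -Recurse -Force -ErrorAction SilentlyContinue
            }
        }
}
```

Run it once without -Remove to see the report, then with -Remove to delete; the old J2SE uninstall and Java update are still done by hand through Add/Remove Programs.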
  10. mattinsocal8911

    mattinsocal8911 Private E-2

    Hi ChaseLang, sorry about the delay in responding to your post.
    I will handle nero at their website or buy as you said.
    First, I had to reinstall the OS due to major problems: fatal error and computer failing to work properly, if at all. I updated Java then uninstalled version 9.
    Computer seems to be operating OK 'cept for a few IE freezes or not responding errors. I am thinking of starting a new post for the new questionable malware issues. The title is going to be "HP/Compaq preinstalled Malware?" Thanks for all your help this year, I could not operate this computer without you guys. You guys are great, thank you.:)
    PS I am writing this on my gigabyte computer not the presario as IE locks and disconnects bye.
     
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you reinstalled the OS then why are you still having malware problems? What process do you follow for the reinstall? Did you re-partition and format before installing? Are you reinstalling from genuine original CDs that are not infected?
     
  12. mattinsocal8911

    mattinsocal8911 Private E-2

    Tried to format and reinstall w/o the recovery partition but it would not work, so I did a full install. Not sure about the repartitioning. The CDs are the ones I made when I first bought the computer and I believe they are clean, but how can I check them without ruining them?
    Thanks again.
     
  13. mattinsocal8911

    mattinsocal8911 Private E-2

    Oh yeah, updated to SP2 from a disk that MS mailed to me. Then Trend Micro wanted to be upgraded to 2007 for free minus the subscription price, which is still due for 2007. That's when I noticed the trojan alerts and took action immediately to remove offenders. I think the SP2 upgrade may be related to IE (6.2900??) not responding at times and that there may be an update available (IE locked up for 1 1/2 hours so far, shows hourglass)...thanks bye
     
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    At this point I'm not sure what else you are requesting! Do you have malware problems at the current time? If so you will need to rerun all of the READ & RUN ME (and attach all the requested logs) since you have formatted your PC since starting this thread. Thus everything has changed and you need to start over again.
     
  15. mattinsocal8911

    mattinsocal8911 Private E-2

    Hi, sorry about the delay in replying to your post with an answer. I am simply trying to answer all the questions that you asked, to the best of my ability. I am sorry if I am not clear. I have run all the scans after reinstalling the OS as per the READ & RUN ME post. In my other post, "HP/Compaq preinstalled malware", you have answered my question that I have false positives due to preinstalled software that looks like malware.
    :)
     
  16. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay that's good! We are done here!
     
