Zlob Trojan and maybe others

Discussion in 'Malware Help (A Specialist Will Reply)' started by corruptionsalwayspossible, Aug 29, 2007.

  1. All right, so I clicked something I shouldn't have clicked and now I have the strong impression (from a, the little "security alerts" that keep popping up and b, all these scans) that I have some sort of problem.

    Any help would be appreciated.
     

    Attached Files:

  2. And there's the other two
     

    Attached Files:

  3. abri MajorGeek

    Hi corruptionsalwayspossible!!

    To help you in the best way, we need for you to follow our standard cleaning procedures. Otherwise, we're left with pieces of information missing that we need for a correct evaluation. Please pay attention to the order of the instructions and make sure the scans you run are the current ones which you'll be downloading from the link below.
    Thanks!
    abri

     
  4. Here's the other two.
     

    Attached Files:

  5. abri MajorGeek

    Hi Corruptions!!


    1) You have two antivirus programs on your computer: AntiVir PersonalEdition Classic and Symantec. Please uninstall one of these. It is not enough to disable one of them; you need to uninstall it.

    2) We no longer need Counterspy. Please go to add/remove programs and uninstall the following:

    - J2SE Runtime Environment 5.0
    - Sunbelt Counterspy

    3) Then delete the below folders which may be left behind by the uninstall:

    C:\Documents and Settings\Gabe\Application Data\Sunbelt Software
    C:\Documents and Settings\All Users\Application Data\Sunbelt Software
    C:\Program Files\Sunbelt Software



    4) Now REBOOT your computer.


    5) After you've booted back up, please install Java Runtime Environment vs. 6.2



    6) If you do not use Windows Messenger (not to be confused with MSN Messenger!!) I would like you to run Disable/Remove Windows Messenger



    7) Please go here and follow the instructions for the correct renaming of HijackThis. You got it in the right folder, but it needs to be renamed analyse.exe. Otherwise it misses some things that have gotten clever to evade it.
    Downloading, Installing, and Running HijackThis



    8) Please run HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:


    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

    After clicking Fix, exit HJT.


    9) Now Run The AVENGER by double-clicking on it.
    * Check the 'Input script manually' box.
    * Click on the magnifying glass icon.
    * Copy everything in the Quote box below, and paste it in the box that opens:

    Now click the 'Done' button.
    * Click on the traffic light icon and OK the prompt.
    * You will be prompted to restart. OK the prompt and your PC should reboot; if not, reboot it yourself.
    * A log file from Avenger will be produced at C:\avenger.txt


    10) Please copy the bold text (including the word REGEDIT4) below to Notepad.

    Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files".

    Once you have saved it double click it and allow it to merge with the registry.

    11) Please download ATF Cleaner by Atribune. This program does not require an installation. The executable actually runs the program.

    NOTE: This program is for Windows XP and Windows 2000 only. ATF Cleaner will remove all files from the items that are checked, so if you have some cookies you'd like to save, please move them to a different directory first.
    • Double-click ATF-Cleaner.exe to run the program.
    • Under Main choose: Select All
    • Click the Empty Selected button.
    If you use Firefox browser
    • Click Firefox at the top and choose: Select All
    • Click the Empty Selected button.
      • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browser
    • Click Opera at the top and choose: Select All
    • Click the Empty Selected button.
      • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main ATF Cleaner menu to close the program.



    12) After you have completed ALL of the above in the correct order, please attach the following logs.
    • HijackThis Log
    • ShowNew Log
    • GetRunKey Log
    • Avenger Log
    Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now.



    abri
     
  6. Hi,

    Thanks! It's running much better now. Here are the requested log files.

    Hmm... it doesn't seem to be letting me attach anything?
     
  7. chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You must make sure that you are trying to attach NEW logs and not the same old logs.
     
  8. Attach Files
    Valid file extensions: bmp doc gif jpe jpeg jpg log pdf png psd txt zip

    It doesn't have a button for me to push like it used to...
     
  9. abri MajorGeek

    A lot of people are having trouble posting attachments recently. Did you get any error message when you tried to upload it? Please try posting them again and let me know if you have the same problem. If you did not click on the "remember me" button when you logged on, please try that.
    Thanks!
    abri
     
    Last edited: Sep 2, 2007
