So How Did I Get Infected Anyway?
http://www.wilderssecurity.com/showthread.php?t=27971
Zlob usually installs when you click on a fake message prompting you to
download a new Codec or ActiveX Control to view a video; cf.
http://msmvps.com/blogs/hostsnews/default.aspx
Such infections are usually accompanied by Vundo and SDBot infections these
days.
No anti-virus application can protect you from all hijackware, and AVG is
the worst-performing AV app of the lot.
Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315
Run a /thorough/ check for hijackware, including posting your hijackthis log
to an appropriate forum.
Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal...n:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2....emoving_Malware
When all else fails, HijackThis v2.0.2
(
http://aumha.org/downloads/hijackthis.zip) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware with
assistance from an expert. Post your log to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for review
by an expert in such matters, not here.
If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin
http://aumha.net
DTS-L
http://dts-l.net/
wrkg_onit@yahoo.com wrote:<span style="color:blue">
> My system configuration: Win XP SP2 with all updates, firewall on,
> behind a router. AVG anti-virus. At the time of the incident I had
> several Opera browser windows open, and pointed to respectable
> financial sites like finance.yahoo. Outlook Express was loaded and may
> or may not have been downloading email. Microsoft Excel was the only
> other user application running.
>
> What happened was AVG suddenly reported an attempt by "Trojan horse
> downloader Zlob.ABQ" to load into one of my system restore
> subdirectories. How can this happen without me clicking on an
> attachment or popup, etc.? </span>