Results 1 to 3 of 3

Thread: Zlob.VideoActiveX Can't get rid out it's once found

  1. #1
    Junior Member
    Join Date
    Sep 2007
    Posts
    3

    Exclamation Zlob.VideoActiveX Can't get rid out it's once found

    Spybot S&D has detected Zlob.VideoActiveX in C:\Program Files\Video ActiveX Access\ folder but when I select "Fix Selected Problems" it fails and comes up with the message:
    "Some problems couldn't be fixed; the reason could be that the associated files are still in use (in memory). This could be fixed after a restart. May Spybot S&D run on your next system startup."

    Of course I tried this and it again detected Zlob.VideoActiveX but could not fix it.

    What do I do now?

    Here is the Kaspersky scan result:

    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    Sunday, September 02, 2007 5:12:42 PM
    Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.93.0
    Kaspersky Anti-Virus database last update: 2/09/2007
    Kaspersky Anti-Virus database records: 402435
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    C:\
    D:\

    Scan Statistics:
    Total number of scanned objects: 62455
    Number of viruses found: 1
    Number of infected objects: 2
    Number of suspicious objects: 0
    Duration of the scan process: 00:43:41

    Infected Object Name / Virus Name / Last Action
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-09-02_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\index.qbs Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\3FBB5C2E.TMP Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\C50B5E71.TMP Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\SubEng\submissions.idx Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Application Data\Microsoft\Messenger\glenpinna@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Application Data\Microsoft\Messenger\glenpinna@hotmail.com\SharingMetadata\pending.dat Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Application Data\Microsoft\Messenger\glenpinna@hotmail.com\SharingMetadata\Working\database_C0F0_6A0E_F06A_B4C\dfsr.db Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Application Data\Microsoft\Messenger\glenpinna@hotmail.com\SharingMetadata\Working\database_C0F0_6A0E_F06A_B4C\fsr.log Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Application Data\Microsoft\Messenger\glenpinna@hotmail.com\SharingMetadata\Working\database_C0F0_6A0E_F06A_B4C\fsrtmp.log Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Application Data\Microsoft\Messenger\glenpinna@hotmail.com\SharingMetadata\Working\database_C0F0_6A0E_F06A_B4C\tmp.edb Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Application Data\Microsoft\Windows Live Contacts\glenpinna@hotmail.com\real\members.stg Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Temp\Perflib_Perfdata_2c4.dat Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Temp\Perflib_Perfdata_83c.dat Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Temp\Perflib_Perfdata_930.dat Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Temp\~DFCF77.tmp Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Temp\~DFCF92.tmp Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Temporary Internet Files\Content.IE5\NRIJ94CK\setup[1].exe/data0007 Infected: Trojan-Downloader.Win32.Zlob.cgm skipped
    C:\Documents and Settings\Glen Pinna\Local Settings\Temporary Internet Files\Content.IE5\NRIJ94CK\setup[1].exe NSIS: infected - 1 skipped
    C:\Documents and Settings\Glen Pinna\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\Glen Pinna\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
    C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
    C:\Program Files\Common Files\Symantec Shared\NFWEVT.LOG Object is locked skipped
    C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
    C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
    C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
    C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
    C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
    C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AGENT_LOG1.txt Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db-journal Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BINARY\CLML.db Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db-journal Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db-journal Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db-journal Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db-journal Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db-journal Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db Object is locked skipped
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db-journal Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\chandir.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\chandir.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\chn.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\chn.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\D0000000.FCS Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\inuse.txt Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\L0000003.FCS Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\main.log Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\prs.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\prs.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\prs_die.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\prs_die.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\prs_dnd.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\prs_dnd.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\prs_ext.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\prs_ext.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\prs_rcv.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\prs_rcv.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\storydb.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Glen Pinna\Data\storydb.idx Object is locked skipped
    C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
    C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
    C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    C:\System Volume Information\_restore{6D3A4696-82BE-4444-91C0-85A894D9C49C}\RP138\change.log Object is locked skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\Sti_Trace.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
    C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
    C:\WINDOWS\system32\config\default.LOG Object is locked skipped
    C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
    C:\WINDOWS\system32\config\SAM Object is locked skipped
    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
    C:\WINDOWS\system32\config\software.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
    C:\WINDOWS\system32\config\system.LOG Object is locked skipped
    C:\WINDOWS\system32\h323log.txt Object is locked skipped
    C:\WINDOWS\system32\LogFiles\HTTPERR\httperr1.log Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\wiadebug.log Object is locked skipped
    C:\WINDOWS\wiaservc.log Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    Scan process completed.

    Many thanks

    Glen

  2. #2
    Guest
    Join Date
    Jul 2007
    Location
    Finland
    Posts
    260

    Default

    Hello

    • Click here to download HijackThis and save it to your desktop.
    • Double-click on HJTInstall.exe to run it.
    • HJTInstall.exe will install HijackThis to here C:\Program Files\Trend Micro\HijackThis
    • Click install
    • HJTInstall.exe will create an icon to your desktop.
    • When the installation is ready, it will start HijackThis.
    • When HijackThis is opened, click Do a system scan and save a logfile.
    • Post the HijackThis log here.
    • Do not fix anything with HijackThis, until I tell to you!

  3. #3
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •