 Big Problem Here... |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.When posting your problem, do not run and post a ComboFix logs. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.
To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.
  |
 May 17 2008, 10:56 AM
Post
#1
|
|
 Member  Group: Members Posts: 28 Joined: 17-May 08 Member No.: 209,514  |
Anyways I have a few problems, I have a laptop and I always have the same update everyday. I always have to update it when I turn off the computer or on the automatic updates (which will cause me to restart). I believe it's the same update since it is always one update. I also have a Trojan downloader from the win32/Zlob Family (I believe) and it always comes back. How I got that Trojan I do not know. Now how do I get that this one updates "stays" on my computer and that Trojan is away for good. I also don't have a good anti-virus program since my Norton subscription has expired and my OneCare trial has expired also. I don't know why the subscription has expired, it came with the computer. Please help me! Thanks in advance!!! Edit: Moved topic from XP to the more appropriate forum. ~ Animal |
 |
 
|
|
May 17 2008, 11:09 AM
Post
#2
|
|
|
Member Group: Members Posts: 28 Joined: 17-May 08 Member No.: 209,514 |
I am now installing Avira AnitVir so I will have a good anti-Virus program. It still doesn't solve the problem though.
This post has been edited by moo.moo.bear: May 17 2008, 11:10 AM |
|
|
|
|
May 17 2008, 11:52 AM
Post
#3
|
|
|
Member Group: Members Posts: 28 Joined: 17-May 08 Member No.: 209,514 |
I now have another problem. I have the anti-virus program installed now, doing a scan, doing the update. I have two other viruses on the computer, which was never ever found. I don't know if that is true, also Norton tells me all the things from this program is all high risk. Like the updater and the notifier. I have permitted them though since it was said from this forum that it is a trusted program.
I'm still a little scared that it had found 3 things that will harm my computer. Can someone tell me (that uses the program them self) that it is VERY trusted. Thanks in advance!!! |
|
|
|
|
May 17 2008, 03:12 PM
Post
#4
|
|
 Visiting Alien Group: Members Posts: 3,942 Joined: 20-May 07 From: millenium falcon Member No.: 131,963 |
Having no antivirus is risky but with proper care and other protection like being fully updated, immunizing IE and using firefox with noscript and doing frequent scans you can stay fairly malware free.
Having more than one resident active antivirus will almost certainly cause conflicts that will corrupt windows to the point of no repair. -------------------- |
|
|
|
 May 17 2008, 04:10 PM
Post
#5
|
|
|
a forum member Group: Members Posts: 1,616 Joined: 27-August 07 Member No.: 153,171 |
you are going to get MORE infections with, at my reconing ,THREE antivirus programs now on there
Norton,One Care and antivir look at this pictorial guide ON xp system restore http://www.bleepingcomputer.com/tutorials/tutorial56.html see if you can roll back to PRIOR to all this stuff going on there? I suggest you see in each of the programs if they can be disabled while you do your roll back , stating the hopefully obvious OFF line then start again get that sorted then we can get you scanned for some other nasties with different tools |
|
|
|
|
May 17 2008, 06:33 PM
Post
#6
|
|
|
Member Group: Members Posts: 28 Joined: 17-May 08 Member No.: 209,514 |
I didn't mean that, OneCare has been removed right after the trial has expired so I don't have it on my computer anymore. The Norton Anti-virus doesn't work at all since the subscription has expired, so it is disabled (because of no key since the program came with the computer, it won't let me enable it). The only anti-virus program that is working or on the computer that I have is Antivir.
Anitvir removed all the Malware I have had but often that one Trojan downloader will come back, so how will it happen that is stays away for good? Also if I want to update the program (Antivir) will it work with Wireless internet. It always says that it failed to get connection. Also that one update has came back! I went to dinner and the computer restarted when I came back it said that it is up to date but now it says that my computer has updates. That thing just keeps coming back! Note that this update thing has been before I even had all this Trojan downloader stuff so it has nothing to do with it. I hope. Don't worry I don't have 3 anti-virus programs on my computer. One doesn't work and the other has been removed. I know it's bad. Although I have a question, Norton Anti-Virus is with Norton, it's disabled but will harm the computer if it stays off? Since I can't turn it on, I don't have any anti-virus at all so it shouldn't harm the computer, right? |
|
|
|
|
May 17 2008, 07:26 PM
Post
#7
|
|
|
Visiting Alien Group: Members Posts: 3,942 Joined: 20-May 07 From: millenium falcon Member No.: 131,963 |
http://www.majorgeeks.com/Norton_Removal_T...mNRT_d4749.html
let's make sure norton's is gone also run this scan and post the log after running the removal tool and rebooting http://www.bleepingcomputer.com/forums/ind...mp;#entry811062 avira is about the only free av I would reccomend This post has been edited by DaChew: May 17 2008, 07:27 PM -------------------- |
|
|
|
|
May 17 2008, 07:34 PM
Post
#8
|
|
|
Member Group: Members Posts: 28 Joined: 17-May 08 Member No.: 209,514 |
It tells me that the Removal tool has expired
This post has been edited by moo.moo.bear: May 17 2008, 07:35 PM |
|
|
|
|
May 17 2008, 07:46 PM
Post
#9
|
|
|
Member Group: Members Posts: 28 Joined: 17-May 08 Member No.: 209,514 |
Nevermind, I have downloaded the program from the link of the message. http://service1.symantec.com/SUPPORT/share...006050909471013 was the link. Well not like that, I think is was just symantec.com only it redirected me to the correct place.
|
|
|
|
|
May 17 2008, 08:17 PM
Post
#10
|
|
|
Member Group: Members Posts: 28 Joined: 17-May 08 Member No.: 209,514 |
Malwarebytes' Anti-Malware 1.12
Database version: 760 Scan type: Quick Scan Objects scanned: 37780 Time elapsed: 11 minute(s), 53 second(s) Memory Processes Infected: 2 Memory Modules Infected: 1 Registry Keys Infected: 16 Registry Values Infected: 3 Registry Data Items Infected: 0 Folders Infected: 3 Files Infected: 11 Memory Processes Infected: C:\Program Files\OneStepSearch\onestep.exe (Adware.OneStepSearch) -> Unloaded process successfully. C:\Program Files\OneStepSearch\onestep.exe (Adware.OneStepSearch) -> Unloaded process successfully. Memory Modules Infected: C:\Program Files\OneStepSearch\onestep.dll (Adware.OneStepSearch) -> Unloaded module successfully. Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{139c109e-08c6-4b60-9142-860b8cd5d000} (Rogue.Virus.Ranger) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2a1c5cb-c0ef-4689-9436-f62cca1c5383} (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{679b00b5-0783-4de4-a478-7227fdd50825} (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{14869272-e04b-66dc-80dd-58bab2570cf0} (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{03b54468-0899-4233-8689-623fffc295ee} (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{08f5d2f6-4ae5-486b-98e0-3e85ba6b4d11} (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{38481807-ca0e-42d2-bf39-b33af135cc4d} (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\onestepsearch (Adware.OneStepSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\OneStepSearch (Adware.OneStepSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OneStep Search Service (Adware.OneStepSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Web Application (Trojan.Zlob) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{81705d67-3f73-4983-859b-97d0922e5abe} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{81705d67-3f73-4983-859b-97d0922e5abe} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{d4c51fa4-9192-4a9a-8d2a-a0690c92f171} (Trojan.Zlob) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: C:\Program Files\Helper (Adware.BHO) -> Quarantined and deleted successfully. C:\Program Files\OneStepSearch (Adware.OneStepSearch) -> Delete on reboot. C:\Program Files\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully. Files Infected: C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IETAG.DLL (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\OneStepSearch\home.js (Adware.OneStepSearch) -> Quarantined and deleted successfully. C:\Program Files\OneStepSearch\onestep.dll (Adware.OneStepSearch) -> Delete on reboot. C:\Program Files\OneStepSearch\onestep.exe (Adware.OneStepSearch) -> Quarantined and deleted successfully. C:\Program Files\OneStepSearch\osopt.exe (Adware.OneStepSearch) -> Quarantined and deleted successfully. C:\Program Files\OneStepSearch\readme.html (Adware.OneStepSearch) -> Quarantined and deleted successfully. C:\Program Files\OneStepSearch\uninstall.exe (Adware.OneStepSearch) -> Quarantined and deleted successfully. C:\Program Files\NetProject\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Program Files\NetProject\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Program Files\NetProject\waun.exe (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Documents and Settings\Jessica Franks\Favorites\Online Security Test.url (Rogue.Link) -> Quarantined and deleted successfully. |
|
|
|
|
May 17 2008, 08:27 PM
Post
#11
|
|
|
Member Group: Members Posts: 28 Joined: 17-May 08 Member No.: 209,514 |
Is the program just a Anti-Malware or also a Anti-Spyware? Just a small question that interests me since I get confused a lot. I don't have good knowledge with computers as you can see.
|
|
|
|
|
May 17 2008, 08:52 PM
Post
#12
|
|
|
Visiting Alien Group: Members Posts: 3,942 Joined: 20-May 07 From: millenium falcon Member No.: 131,963 |
malware is a catch all term for all the bad stuff
-------------------- |
|
|
|
|
May 17 2008, 08:54 PM
Post
#13
|
|
|
Member Group: Members Posts: 28 Joined: 17-May 08 Member No.: 209,514 |
Oh ok, wasn't so sure. Thanks! I'm off for bed and I'll check tomorrow! Thanks for the help, it's running better now although I'm still unsure.
|
|
|
|
|
May 17 2008, 08:57 PM
Post
#14
|
|
|
Visiting Alien Group: Members Posts: 3,942 Joined: 20-May 07 From: millenium falcon Member No.: 131,963 |
there will be more scans to do, zlob is a bad one but be sure and turn your computer off
-------------------- |
|
|
|
|
May 17 2008, 09:02 PM
Post
#15
|
|
 To INSANITY and BEYOND !! Group: Moderator Posts: 7,016 Joined: 10-September 04 From: NJ USA Member No.: 2,608 |
Mainly an Antimalware app. But since spyware is malware it does get both. As doe s Superantispyware it will also catch and kill most trojans plus spyware. Scan your PC with it also and see.
Download and scan with SUPERAntiSpyware Free for Home Users
-------------------- Can you spare some PC cycles to help FIND A CURE .. BC FOLDING TEAM Click me /info..
ThoughtVent a goodplace to discuss.<<>>>Staying Updated Calendar of Updates. For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 5th July 2008 - 06:21 PM |
© 2003-2008 All Rights Reserved Bleeping Computer LLC.