Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Flashing Blue And Red Shield


  • Please log in to reply
1 reply to this topic

#1 mblanco2000

mblanco2000

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 01 November 2007 - 05:49 PM

I accidentally installed some spyware the other day, I believe the name of the adware is Zlob. I had a folder in my program files called Video Add On that had executables that were starting up when I would boot. I now have Trend Micro and have gone through the hoops with the software, support staff, and it is still on here. It is not as bad as it once was. I was able to uninstall some of the exe files out of the Video Add On folder in program files. I ran the "Hijackthis" program and was told that uploading it to this forum might help. If I need to give additional information please let me know.

Attached Files


Edited by mblanco2000, 01 November 2007 - 05:52 PM.


BC AdBot (Login to Remove)

 


#2 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:09:54 AM

Posted 01 November 2007 - 06:34 PM

Hello there and welcome to Bleeping Computer's security forum.
My name is David, I will be helping you with your log today.

It is a good idea to print off these instructions:
This will be useful as there is a possibility some of the instructions will need to be carried out where internet access is not available.
You may also like to save these instructions in word/notepad to the desktop where they can be easily found for the same reasons as above.
A print out of the instructions would be a good reference to make sure you don't yet lost.
Also, it is important that you complete the instructions in the right order, and also that you don't miss any steps out!
If you have any queries about the process or just general questions, just ask.

Please download SmitfraudFix (by S!Ri)
Open the file and it will extract the contents (a folder named SmitfraudFix) to your Desktop.

Now reboot into Safe Mode.
This can be done tapping the F8 key as soon as you start your computer
You will be brought to a menu where you can choose to boot into safe mode.
Make sure you choose the option without networking support.

Once in Safe Mode, open the SmitfraudFix folder again.
Double-click smitfraudfix.cmd.
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".
The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.
A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt
Warning : running option #2 on a non infected computer will remove your Desktop background.
Also post a new Hijackthis log.

Oh yes, and in future, no need to attach the logs, you can simply post them directly on the topic.

Edited by D-Trojanator, 01 November 2007 - 06:34 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users