Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zlob And Maybe Others, No Clue How To Do The Logs Or Anything!


  • Please log in to reply
27 replies to this topic

#1 SepurbOfSC

SepurbOfSC

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 10 March 2008 - 01:49 PM

i am well versed on ps2, DS, and Gamecube. ignorant to PC and its intricacies. downloaded the following things from some tips from my parent forum, that they got from Yahoo! answers:

sdfix

smitfraudfix

superantispyware free

a-squared free

adaware SE personal

cleanup452

and the ever popular Spybot S&D

i followed steps 1-3 of this http://securitynewsfromthenet.blogspot.com...essentials.html and admittedly got lazy after i noticed that "warning! im tricking you into thinking theres cause for warning but secretly --ing you over" "Windows" pop ups diminished. but then after declining every notification spybot presented due to having zlob reappear after accepting a change/cleaning of a registry key, i started getting windows mandatory updates. in a confused stupor i declined/restart later them all. some may have snuck in at night tho as i slept!!! i then was told to try a system restore which failed even tho it was the first day i got comcast service!!! march 6th!! i was then like it uninstalled IE and was prepping for a reformat simply because i'd rather have nothing than know some --- is invading my personal space. i swear haxors are more terrifying to me than MS 13 (google it).

if anyone can assist in a intensive cleanup i'd be much obliged. i'm even willing to exchange numbers

thanks in advance


{Edit language ~~boopme}

Edited by boopme, 10 March 2008 - 10:40 PM.


BC AdBot (Login to Remove)

 


#2 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:40 AM

Posted 10 March 2008 - 01:58 PM

Please post the reports logs spybot creates here so we can see where the infection is.

It would be appreciated if you used normal english and avoided swearing in your posts.

#3 SepurbOfSC

SepurbOfSC
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 10 March 2008 - 02:33 PM

lol my bad, i edited them originally. also i don't know what the logs are or what to do with them i.e. the thread title. i apologize i just desired help and expected the posts to be that with what i presented, lack of knowledge of computers, uncertainty with logs and their purpose. so from the blue text does that mean since i used combofixand vundofix i need to go to a forum that deals with those?

When posting your problem, do not run and post a ComboFix logs. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.


again sorry if i insulted anyone or happen to speak a different english, just trying to find help online and if requested i can continue looking elsewhere. thanks again.

#4 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:40 AM

Posted 10 March 2008 - 02:48 PM

It is not recommended that you use CF and such tools without supervision from an expert.

I'm sorry. I don't quite understand what is wrong with your computer. Do you just have the pops? Do you have any confirmed infection on your computer that you are unable to remove? You original post was somewhat unclear.

#5 SepurbOfSC

SepurbOfSC
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 10 March 2008 - 02:51 PM

i will try to pull up a spybot log before i exit for work. again excuse my hostility and i sincerely apologize. lol the forum i came from is pretty rough lol... bout to try to get the log for ya

#6 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:04:40 PM

Posted 10 March 2008 - 02:51 PM

shall we start by identifying which windows version you are running and which antivirus program is installed?

since i used combofix

who instructed you to use this tool?

please note
http://www.bleepingcomputer.com/forums/t/74900/combofix-what-does-it-do-and-when-is-it-used/

and a quote from that thread reads

ComboFix is not a general purpose cleaning tool and should not be as such. ComboFix should only be used when asked by someone experienced in the use of this tool. Using this tool without supervision can cause problems with your computer.


what other protection programs do you have on board and when did you last fully update and run them?

#7 SepurbOfSC

SepurbOfSC
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 10 March 2008 - 02:54 PM

are spybot logs cool? im unsure how to get it and unfortunately theres a combofix log on my desktop... man i got in desperado mode and just went for anything on the net. it was either that or $350 to the geek squad which the site above disclaims as a no no

#8 SepurbOfSC

SepurbOfSC
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 10 March 2008 - 02:57 PM

i also have HJTInstalll (not installed yet) @ ruby

something called vundofix and the others are above

Edited by SepurbOfSC, 10 March 2008 - 02:58 PM.


#9 SepurbOfSC

SepurbOfSC
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 10 March 2008 - 03:04 PM

Posted Image

a pic of my desktop and the programs i have with an added treat|: ad-aware unable to update message

i'm preparing to leave to work but i have spybot running and will (with instructions how) provide a log before i exit.

#10 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:04:40 PM

Posted 10 March 2008 - 03:06 PM

you say you have these two tools on board?

superantispyware free a-squared free


can you fully update each , reboot and run each on a full deep scan? then let us know what, if anything they find

also please let us know what windows version you are running and which antivirus program; ?

I strongly suggest you do NOT run the HJT tool yet as if you DO run it and press the wrong tabs you cna be in very serious trouble with the possiblility of removing essential items on the computer

please try those two scans(SUPERANTISPYWARE AND A SQUARED ) and let us know how you get on?

#11 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:04:40 PM

Posted 10 March 2008 - 03:09 PM

Posted Image

a pic of my desktop and the programs i have with an added treat|: ad-aware unable to update message

i'm preparing to leave to work but i have spybot running and will (with instructions how) provide a log before i exit.

unfortunately Adaware SE is no longer updateable so I suggest you abandon it ; it has been withdrawn ; IF you have an XP machine you can try adaware 2007 if you wish ?

#12 SepurbOfSC

SepurbOfSC
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 10 March 2008 - 03:09 PM

jus read the donginhispen thread and was able to provide this, however spybot detects zlob. running XP and ever since i left bellsouth onward to comcast i assume i have no virus protector...

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/10/2008 at 09:35 AM

Application Version : 4.0.1154

Core Rules Database Version : 3416
Trace Rules Database Version: 1408

Scan type : Complete Scan
Total Scan Time : 00:54:00

Memory items scanned : 402
Memory threats detected : 0
Registry items scanned : 5394
Registry threats detected : 1
File items scanned : 77655
File threats detected : 0

Trojan.Media-Codec
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#flammei [ {9d635a36-6b3c-4146-8625-f3aaf507bbf8} ]





note i mistakenly said running Vista i am running XP

Edited by SepurbOfSC, 10 March 2008 - 03:10 PM.


#13 SepurbOfSC

SepurbOfSC
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 10 March 2008 - 03:13 PM

spybot scan complete, its detected a plethora of things! how would go about printing a log for spybot?

Edited by SepurbOfSC, 10 March 2008 - 03:13 PM.


#14 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:04:40 PM

Posted 10 March 2008 - 03:19 PM

please also try the asquared scan on a full deep scan and let us know the result?

the superantspyware scan has identified

Trojan.Media-Codec
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#flammei [ {9d635a36-6b3c-4146-8625-f3aaf507bbf8} ]


as to spybot, if all else fails you could rerun it and take a screan shot OF the 'horror result'?

#15 SepurbOfSC

SepurbOfSC
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 10 March 2008 - 03:38 PM

lol i tried to copy and paste the txt i dug up after it "fixed" everything @ spybot, no dice, too much text. but it could easily be my own ignorance. i'm working on a-squared now... hopefully the log will be easier to obtain

sucks because it doesn't look like a-squared is detecting zlob which was noted as severe risk. next time, we're getting a Mac lol

Edited by SepurbOfSC, 10 March 2008 - 03:39 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users