Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected With Troj_zlob.bok, Troj_generic


  • Please log in to reply
9 replies to this topic

#1 Banks

Banks

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:42 PM

Posted 18 October 2006 - 11:03 PM

I recently ran THE HOUSECALL program on my firefox but was unable to delete these because my firefox shut down, but i managed to see I was infected with these two trojans or malware or w/e they are.

My computer has been decreasing its internet speed everyday for like a month now, and just tonight it recently starting shutting itself off after being on for like 10 minutes.

BC AdBot (Login to Remove)

 


m

#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,593 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:42 PM

Posted 19 October 2006 - 04:27 AM

What OS (Win XP/2000, etc) are you using? What type of anti-virus are you using and when was the last time you ran a scan?

Please download ATF Cleaner by Atribune. (This program is for XP and Windows 2000 only)
Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

If your running Win XP/2000, download and scan with AVG Anti-Spyware 7.5 in "SAFE MODE".
(This is Ewdio 4.0 renamed. If you already have Ewido installed, please update to this version which has a special "clean driver" for removing persistent malware). Be sure to print out the AVG Anti-Spyware Install-Scan Instructions.

Download and scan with SUPERAntiSypware Free for Home Users
Note: If you encounter any problems while downloading the updates, manually download and unzip them from here.

Then try some other online Virus scans: (perform at least two)
[Watch the Address bar in IE. You may receive alerts that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then Click Install ActiveX component.]
F-Secure Online Scanner
Be sure to follow the directions on the F-Secure page for proper Installation.
BitDefender Online Virus and Malware Scan <- Add a check by "Autoclean".
Panda ActiveScan <- Accept default settings. (does not remove adware/spyware but will autoclean for viruses & worms.)
eTrust Antivirus Web Scanner. <- "Cure" whatever is found, manually delete what it can't cure.
Be sure to read the eTrust Antivirus Scanner Help Guide before scanning.

Note: The restart/shutdown symptoms you describe could be viral related or they could be due to hardware or overheating problems caused by a failed processor fan, bad memory (RAM), failing power supply, CPU overheating, motherboard, drivers, etc
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Banks

Banks
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:42 PM

Posted 19 October 2006 - 11:01 AM

Ok thanks...and all of these work with Firefox right?

And I am using windows XP on a SOny VIo laptop. And Im using Norton Internet Security. And It says my Personal Firewall, Intrusion detection, and AD Blocking is off...im suppose to turn those on right?

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,593 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:42 PM

Posted 19 October 2006 - 11:13 AM

The online scans I suggested run via IE.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Banks

Banks
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:42 PM

Posted 19 October 2006 - 11:41 AM

So in order to use ALL OF THOSE I need to be in IE??

Because when I open internet explorer i get this page


hxxp://www.safetyhomepage.com/
S0 I think its really messed up...

Edited to disable bad link.

Edited by quietman7, 19 October 2006 - 12:12 PM.


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,593 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:42 PM

Posted 19 October 2006 - 12:14 PM

In that case do this:

First, print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Please download, install and update AVG Anti-Spyware 7.5. DO NOT perform a scan yet.
Print out the AVG Anti-Spyware Install-Scan Instructions.

Please download ATF Cleaner by Atribune & save it to your desktop. DO NOT use yet.

Go here and follow the instructions for using SmitfraudFix. You will have to extract the zip file to you Desktop.
(Click here for information on how to do this if not sure. Win 9x/2000 users click here. If you need an unzipping utility, download 7zip (its free).

After using the tool as instructed, reboot again in "SAFE MODE" and double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Then scan with AVG Anti-Spyware 7.5 per the instructions you printed out and reboot normally.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Banks

Banks
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:42 PM

Posted 21 October 2006 - 02:09 PM



Ok so I CAN download all that stuff in Firefox right?

And after I download all of that, I then use it in safemode?

And after I do all this will my computer be good again?




#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,593 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:42 PM

Posted 21 October 2006 - 03:35 PM

Yes you should be able to download these programs with Firefox. Install and update AVG Anti-Spyware but do not perform a scan just yet.

Go to the link I provided and follow the instructions for using smitfraudfix. After doing that reboot in "Safe Mode" and run ATF Cleaner and AVG Anti-Spyware using the instructions I asked you to print out.

My instructions are based on the information you provided which appears to be a smitfraud infection. There are numerous variants of smitfraud but the instructions I provided should resolve most issues relating to it. If your still having problems afterwards, let me know and I will direct you on what to do next.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 Banks

Banks
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:02:42 PM

Posted 27 October 2006 - 05:41 PM

Ok thanks

And w0w...theres lots of programs I need to download....wish me luck.

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,593 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:42 PM

Posted 27 October 2006 - 10:09 PM

Just follow the instructions I provided and you should not have any problems. But good luck just the same.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users