Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Zlob


  • Please log in to reply
2 replies to this topic

#1 Kim90

Kim90

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 30 November 2006 - 01:51 AM

Hi there.

For a while now my laptop has been infected with the Trojan ZLOB.

When I open internet explorer on my Windows XP Home Edition laptop my hompage is not the one i assigned, instead it shows an isafety page with a pop up telling me that i have a virus and that i should click ok to download a software that can remove it.

Posted Image

The trojan also hijacks my dns error page with a little bar at the top advertising a program called System Doctor. This has become very annoying as almost every web site i visit it redirects me to the idnserror page then when i click back it redirects me there again and this keeps happeneing until eventually i just give up.

Posted Image

I also get these warnings poping up all the time in the bottom right hand corner of my screen that look exactly like a Windows one would except these tell me I have a backdoor trojan and to click that baloon to download removal software.

Posted Image

This has become very very annoying and I am worried that my laptop is destroyed. I have run VET Anti Virus but it detects nothing of the sort and when ever I try to scan using Ad-Aware or Spybot, halfway though the scan my laptop shuts down on me.

I hope it is not to late and you can help me get rid of this nasty!!!

BC AdBot (Login to Remove)

 


#2 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:12:34 AM

Posted 30 November 2006 - 04:24 AM

Run an online scan at Ewido

After that follow following instructions

First, print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Please download, install and update AVG Anti-Spyware 7.5. DO NOT perform a scan yet.
Print out the and follow the AVG Anti-Spyware Install-Scan Instructions for installing and upating.
DO NOT perform a scan yet.

Please download ATF Cleaner by Atribune & save it to your desktop. DO NOT use yet.


After using the tool as instructed, reboot again in "SAFE MODE" and double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Then scan with AVG Anti-Spyware 7.5 per the instructions you printed out and reboot normally.
Note: Close all open windows, programs, and DO NOT USE the computer while AVG Anti-Spyware is scanning. Doing so can hamper AVG Anti-Spyware's ability to clean properly and may result in reinfection.

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:34 PM

Posted 30 November 2006 - 02:55 PM

You also need to go here and follow the generic instructions for using SmitfraudFix in BC's "How to remove the Smitfraud / Generic Zlob". You will have to extract the zip file to you Desktop. (Click here for information on how to do this if not sure. If you need one, download 7zip (its free).
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users