Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zlob Trojan Is Killing Me...


  • Please log in to reply
2 replies to this topic

#1 Horokeu

Horokeu

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:18 AM

Posted 28 January 2007 - 01:18 PM

Hey guys,

Recently, I downloaded an active x file onto my computer so I could watch some movies but I didn't really go through all the cautions of scaning it b4 i opened it etc etc. And just rite on that day, that active x program, when opened, caused a trojan to escape into my comp. Didn't know what it was but I searched over the internet and found this was called a zlob trojan. Its annoying me completely and I need to do something about it. I've tried doin many things like(i use f-secure btw); 1. dl f-secure product that's suppose to disinfect zlob, didn't work at all; 2. dl smitrem and did that, didn't work at all; 3. scan using f-secure, didn't find nething...

So after that, I read that theres this pandscan online thats good for detecting these things and i used it. Luckily , it did find alota bad stuff on the comp. So nows where I get stuck. Can neone plz help me clean this ugly trojan with some step to step guide or something plzzzz,Thanks guys, heres the log for the pandscan:

Incident Status Location

Virus:Trj/Bifrose.UX Disinfected Operating system
Adware:Adware/VideoActiveXObject Not disinfected C:\Program Files\Video ActiveX Object\isamini.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\system32\nbbrhbd.dll
Spyware:spyware/new.net Not disinfected c:\windows\NDNuninstall6_38.exe
Potentially unwanted tool:application/altnet Not disinfected c:\windows\smdat32a.sys
Potentially unwanted tool:application/bestoffer Not disinfected c:\windows\smdat32m.sys
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Owner\Cookies\owner@atwola[2].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ccbill[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Owner\Cookies\owner@com[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Owner\Cookies\owner@go[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Owner\Cookies\owner@searchportal.information[2].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Ross\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Ross\Desktop\smitRem.exe[smitRem/Process.exe]
Adware:Adware/PestTrap Not disinfected C:\Documents and Settings\Ross\Local Settings\Temporary Internet Files\Content.IE5\9FVSJYSK\awarninglist[1].htm
Spyware:Spyware/New.net Not disinfected C:\Program Files\themexp\Themexp.org File\NNWDAB638.EXE
Adware:Adware/VideoActiveXObject Not disinfected C:\Program Files\Video ActiveX Object\iesuninst.exe
Potentially unwanted tool:Application/P2PNetworking Not disinfected C:\WINDOWS\Downloaded Program Files\WebP2PInstaller.dll
Spyware:Spyware/New.net Not disinfected C:\WINDOWS\NDNuninstall7_22.exe
Potentially unwanted tool:Application/P2PNetworking Not disinfected C:\WINDOWS\system32\P2P Networking v126.cpl
Hope that came out rite lol....o btw, i also can't do safe mode cuz it stalls on mup.sys and I duno wat to do with that so plz help me fix that too. Im really bad with comps so plz be atient with me guys. thx!!!

Thanks all, Horokeu

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,012 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:08:18 AM

Posted 28 January 2007 - 03:15 PM

Welcome to BC Horokeu :thumbsup:

I suggest you follow the directions in this guide. Then create an HJT log, you will find the directions in the guide.

Create a new topic in this forum, not here and give it a good descriptive title. Briefly summarize what the problems are, what you have done to try to solve it, and what worked and didn't work and paste in your HJT log. You might also want to include a link to this topic.

After you post your log, DO NOT make any further changes to your computer: deleting files, editing the registry, using special fix tools, installing or uninstalling software etc. as this will make it more difficult for the HJT team to help you.

Please be patient as the HJT team is very busy. DO NOT bump your log as the team may think that someone is already helping you. If you have not had a response in five days, add a response to the five days no response topic and paste in the link to your thread.

Orange Blossom :flowers:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 Horokeu

Horokeu
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:18 AM

Posted 28 January 2007 - 03:23 PM

thx orange blossom for the quickness in help, ima try this rite away...*goin*

if neone has ne other ideas feel free to comment, ill post a link from this topic to the new topic after i do the hjt log.

thx all and orangeblossom, Horokeu




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users