Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spywarelocked Removal For Vista


  • Please log in to reply
6 replies to this topic

#1 smackenzie

smackenzie

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 31 March 2007 - 07:24 AM

I have been asked to look at a brand new laptop running Vista which has become infected with the Spywarelocked / Zlob Trojan. The symptoms are (1) the usual spoof spyware warnings, and (2) Windows Explorer repeatedly shuts down and restarts, rendering the machine all but unusable, even in safe mode. The machine resists attempts to install, update and run anti-spyware apps such as Spybot S&D; I've tried running smitfraudfix, but have since read that the currently available version does not work in Vista - and it has not worked for me.

So, two questions: one, is there a Vista version of smitfraudfix available yet; and two, is there any other effective removal option at present? Plan B is to copy the user data and reinstall Vista, which may be just as quick anyway.

Sandy Mackenzie

BC AdBot (Login to Remove)

 


#2 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:03:56 AM

Posted 31 March 2007 - 10:57 PM

Have you tried Grinler's self-help guide:
How To Remove Spylocked And Spywarelocked (removal Instructions)
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 Charles Wendell Davis

Charles Wendell Davis

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:56 AM

Posted 01 April 2007 - 04:48 PM

I was infected by the same thing. :thumbsup:

However, after following the instructions on the link in the above post, nothing changed. I even paid Panda Software for their program. It would see the problem, but couldn't fix it.

Finally, I ran across Prevx1. http://www.prevx1.com/ They have a free version that removed it on the first try. I scanned a second time and it came up clean. :flowers:

Good luck to you.

#4 buddy215

buddy215

  • Moderator
  • 13,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:56 AM

Posted 01 April 2007 - 05:01 PM

Not only does Super Antispyware claim to be able to remove the Smitfraud infections, but I saw in two other forums where the user said it worked. It is free for the home user.
http://www.superantispyware.com/
Recommend running in safe mode
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 science

science

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:03:56 AM

Posted 02 April 2007 - 10:25 PM

I actually had some serious problems with Prevx1. It did get rid of a virus that I had at one time (spywareQuake) ~ but I was never able to remove all of the files of prevx1 off of my computer. I uninstalled it, and it keeps popping something up in my task manager processes.

#6 smackenzie

smackenzie
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 03 April 2007 - 11:12 AM

Thanks to everyone who replied - but especially Buddy215 - SuperAntiSpyware did the trick. I found that I couldn't complete the installation of Prevx1, so it didn't help me at all.

I would also add that, for anyone who finds that because Windows Explorer keeps crashing and restarting, they can't get access to anything at all, this is how I finally got round that problem:

Open Windows Task Manager, and, using the File Menu / Run new task option, open 2 or 3 Explorer windows. The crash / restart cycle only operates on the first one; the others are usable, and this means you can once more run and install any program on the machine.

Thanks again to all respondents.

#7 buddy215

buddy215

  • Moderator
  • 13,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:56 AM

Posted 03 April 2007 - 11:20 AM

Haven't seen that "work around" before. Clever. Will put that one in the Help File. Thanks, and glad the Super Antispyware worked for you.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users