Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I Am Infected With Zlob And More....


  • Please log in to reply
12 replies to this topic

#1 Logix69

Logix69

  • Members
  • 104 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kent
  • Local time:10:44 PM

Posted 10 May 2007 - 04:13 AM

i have used kaspersky online antivirus and i saved the log i am downloading their trial version will that clear it all up????????

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, May 10, 2007 10:01:33 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 10/05/2007
Kaspersky Anti-Virus database records: 297042
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 148089
Number of viruses found: 2
Number of infected objects: 7 / 0
Number of suspicious objects: 0
Duration of the scan process: 03:12:04

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\McAfee\MNA\NAData Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\log.edb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\logout.edb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\Events.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{5178567C-9FC3-4D72-8B21-AD74B3F1425A}.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{5CFF581D-9941-4A8D-91E0-EDEC29E77F5D}.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\MSKWMDB.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\RBLDB.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\settingsdb.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFR1.tmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Logs\OAS.Log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\Owner\Application Data\McAfee\MBK\ARBUSFILE.GDB Object is locked skipped
C:\Documents and Settings\Owner\Application Data\SiteAdvisor\SiteAdv.csh Object is locked skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\ApplicationHistory\McAfeeDataBackup.exe.e548c4c.ini.inuse Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\fb_2148.lck Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\hpotdd001.log Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\nsb2F4.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\~DFBEEB.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Owner\NTUSER.DAT.LOG Object is locked skipped
C:\Program Files\Video ActiveX Access\iesbpl.dll Infected: Trojan-Downloader.Win32.Zlob.aeg skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{D3B0980A-A7B3-456A-A4BD-8F74FA72BA53}\RP147\A0010860.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.btl skipped
C:\System Volume Information\_restore{D3B0980A-A7B3-456A-A4BD-8F74FA72BA53}\RP147\A0010860.exe/stream Infected: Trojan-Downloader.Win32.Zlob.btl skipped
C:\System Volume Information\_restore{D3B0980A-A7B3-456A-A4BD-8F74FA72BA53}\RP147\A0010860.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{D3B0980A-A7B3-456A-A4BD-8F74FA72BA53}\RP147\A0010861.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.btl skipped
C:\System Volume Information\_restore{D3B0980A-A7B3-456A-A4BD-8F74FA72BA53}\RP147\A0010861.exe/stream Infected: Trojan-Downloader.Win32.Zlob.btl skipped
C:\System Volume Information\_restore{D3B0980A-A7B3-456A-A4BD-8F74FA72BA53}\RP147\A0010861.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{D3B0980A-A7B3-456A-A4BD-8F74FA72BA53}\RP147\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\fb_1640.lck Object is locked skipped
C:\WINDOWS\Temp\mcafee_l0k805gGMUPW2cz Object is locked skipped
C:\WINDOWS\Temp\mcafee_LVsCJLvtGjatpB2 Object is locked skipped
C:\WINDOWS\Temp\mcmsc_1hSVyDca4Jp5hHE Object is locked skipped
C:\WINDOWS\Temp\mcmsc_2NUWja7HlxxMbuc Object is locked skipped
C:\WINDOWS\Temp\mcmsc_Ts4ioboEidsjQgE Object is locked skipped
C:\WINDOWS\Temp\mcmsc_XGrKgDjZunf6TI8 Object is locked skipped
C:\WINDOWS\Temp\mcmsc_XUsr3D4CSe2taFX Object is locked skipped
C:\WINDOWS\Temp\sqlite_1c0KbGEjXKQATWt Object is locked skipped
C:\WINDOWS\Temp\sqlite_33VbDTcWVm8wWTZ Object is locked skipped
C:\WINDOWS\Temp\sqlite_na9c8isQE1tTJCQ Object is locked skipped
C:\WINDOWS\Temp\sqlite_ZH8iecqiT5y1Nji Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\_restore{D3B0980A-A7B3-456A-A4BD-8F74FA72BA53}\RP147\change.log Object is locked skipped

Scan process completed.

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:44 AM

Posted 10 May 2007 - 04:22 AM

I believe that SuperAntiSpyware can remove this (run it in safe mode).

If that doesn't work try this: How to remove the Smitfraud / Generic Zlob / Quicknavigate / Virtual Maid

Edited by Budapest, 10 May 2007 - 04:23 AM.

The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 Logix69

Logix69
  • Topic Starter

  • Members
  • 104 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kent
  • Local time:10:44 PM

Posted 10 May 2007 - 03:42 PM

cheers mate it found 80 things on my computer runs better but computer took 15mis to startup because of mcafee and kaspersky i couldnt click on any thing then i tryed to uninstall kaspersky and it said that it was locked by windows? its always one thing after another but i went into the directory and deleted like that but i have now got to clean registry..

preventing it again.........

i have mcafee security center always keep up to date and mcafee site advisor which i have found to be help full but i still keep getting things go wrong.. i try to keep away from active x but that seems how i got it in the first place

many thanks

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:44 AM

Posted 11 May 2007 - 12:07 AM

It's never a good idea to have two antu-virus programs on your computer at the same time. They tend to fight each other and actually leave you less protected than just using one. It is good pratice to run an on-line virus scan from time to time as a back up to your regular one.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 Logix69

Logix69
  • Topic Starter

  • Members
  • 104 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kent
  • Local time:10:44 PM

Posted 11 May 2007 - 02:02 AM

deleting those spyware and adware has done something to internet explorer it isnt loading pages up proply it was saying somthing todo with jscript so i was wondering if i have got to update my java console?

#6 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:44 AM

Posted 11 May 2007 - 02:06 AM

It wouldn't hurt to try. Go to Add/Remove Programs in the Control Panel and remove anything related to Java. Then go here and download Java Runtime Environment (JRE) 6u1.

See also:

How to Troubleshoot Script Errors in Internet Explorer

Edited by Budapest, 11 May 2007 - 02:09 AM.

The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#7 Logix69

Logix69
  • Topic Starter

  • Members
  • 104 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kent
  • Local time:10:44 PM

Posted 11 May 2007 - 04:01 AM

i am clicking the link to download it but nothing is happening??????

#8 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:44 AM

Posted 11 May 2007 - 04:13 AM

It works okay for me. Try this page.

You have to click to accept the licence agreement and then download the first one: Windows Offline Installation, Multi-language
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#9 Logix69

Logix69
  • Topic Starter

  • Members
  • 104 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kent
  • Local time:10:44 PM

Posted 11 May 2007 - 04:17 AM

that works but only in firefox and not in IE7 IE7 when i load pages up all i get is a white screen and it says in the bottom left that the page is done?? any ideas

#10 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:44 AM

Posted 11 May 2007 - 04:23 AM

No idea really :thumbsup:

Does it happen on all pages or only the Java download page?
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#11 Logix69

Logix69
  • Topic Starter

  • Members
  • 104 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kent
  • Local time:10:44 PM

Posted 11 May 2007 - 04:25 AM

i am getting a message pop up on the screen saying ( this software cannot be installed because j script is not properly registered. please repair jscript then restart installer )

not on all pages but i carnt access emails or ebay or most pages on web..

#12 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:44 AM

Posted 11 May 2007 - 04:32 AM

Try this. Type the following at the command prompt:

c:\regsvr32.exe jscript.dll
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#13 Logix69

Logix69
  • Topic Starter

  • Members
  • 104 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kent
  • Local time:10:44 PM

Posted 11 May 2007 - 04:37 AM

it is saying that windows cannot find it. plus i can use the clickable smilies on fire fox but not in IE7, i will be back online in an hour i have got to go out but if you can reply with any ideas i would be gratfull and i will try them when i get back.. thanks




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users