Zlob.Trojan

  • Thread starter Thread starter Hubert Rétif
  • Start date Start date
Re: Zlob.Trojan

Hii Dave,
Thanks a lot man. It did work. I feel so relax now. I got my lappy
scanned and found there were 7-8 infected files. Deleted all and now
nothing is there. All corrupted files were from System Volume
Information. these were initialed with YUR. Anyways now its all fine.
Thanks again for that. I would like to know if you are appointed by
googles or microsoft to help users or you do it just be yourself?
Being a novice i may need your help in future.

Thanks and Regards
Zafar
 
Re: Zlob.Trojan

From: "mariner_simple" <z.n.alam@gmail.com>

| Hii Dave,
| Thanks a lot man. It did work. I feel so relax now. I got my lappy
| scanned and found there were 7-8 infected files. Deleted all and now
| nothing is there. All corrupted files were from System Volume
| Information. these were initialed with YUR. Anyways now its all fine.
| Thanks again for that. I would like to know if you are appointed by
| googles or microsoft to help users or you do it just be yourself?
| Being a novice i may need your help in future.

| Thanks and Regards
| Zafar


Zafar:

Thatnx for the update.

I have no relationship with either Google nor Microsoft.

I am just somebody who has been professionally dealing with malware for some 17 or so
years and I have been in Usenet reseraching malware and assisting the infected for almost
as long.

If you have problems in the future (and I hope you never do have malware in the future),
please feel free to "ping" me for assistance.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
Re: Zlob.Trojan

Hii Dave
How are you doing? I am again in a mess. I have 2 kind of problems I
hope U'll help me.
1) A couple of days back I found something strange on my F Drive.There
was an autorun file which has internet explorer icon along with an
autorun setup information type file. I tried to delete it thinking it
to be virus (as it had come on its own) but to my surprise it came
again on its own within a couple of seconds. I opened the "setup
information file" which is basically a notepad and found :
[Autorun]
open=Autorun.exe
Icon = Autorun.exe

Now I deleted these commands from this notepad and saved blank
notepad, and then deleted both the files.But this all is to no avail
it came back and to my surprise the same commands were there again in
that setup info notepad.
Now I clicked on the Autorun (Internet Explorer Icon) the a pop up
came which says that "this is being run in compatibility mode and not
all features are enabled" on closing that pop up Internet Explorer
launches. Then I went for a complete virus scan using MBAM
(Malwarebytes) AVG and then McAfee but these could not find anything
malicious.
Yesterday there was something more I found that the icon of F Drive
(where the problem started) has been changed on its own to that of
Internet Explorer Icon :( dont know how big is the trap..
Today I found that one of the above mentioned file from the F Drive
has gone on its own (the file with internet explorer icon) but the
system info file is still there. I downloaded SAS (super antispyware)
it found some 75 threats 25 were from registry and rest were other
files. Most were tracking files. But the files I was concerned was
still there.

2) Now today something more happened. I had this another antispyware
on my lappy (i gss some spyhunter or something) which I uninstalled
through add/remove route. after uninstalling was completed it asked if
I want to restart my lappy and clicked yes. But nothing happened. no
restart sequence began. Then I tried to restart/shutdown manually but
again nothing happened. It remains as it is.
Do you think it can happen because of the removal of that
antispyware?? What can I do to solve this problem?

This is just to tell you that I am using Mozilla Firefox, I have Win
XP in my laptop.
If you need any more information do mail me. I will be thankful if you
could help me out of this problem.

Regards
Zafar
 
Re: Zlob.Trojan

From: "mariner_simple" <z.n.alam@gmail.com>

| Hii Dave
| How are you doing? I am again in a mess. I have 2 kind of problems I
| hope U'll help me.
| 1) A couple of days back I found something strange on my F Drive.There
| was an autorun file which has internet explorer icon along with an
| autorun setup information type file. I tried to delete it thinking it
| to be virus (as it had come on its own) but to my surprise it came
| again on its own within a couple of seconds. I opened the "setup
| information file" which is basically a notepad and found :
| [Autorun]
| open=Autorun.exe
| Icon = Autorun.exe

| Now I deleted these commands from this notepad and saved blank
| notepad, and then deleted both the files.But this all is to no avail
| it came back and to my surprise the same commands were there again in
| that setup info notepad.
| Now I clicked on the Autorun (Internet Explorer Icon) the a pop up
| came which says that "this is being run in compatibility mode and not
| all features are enabled" on closing that pop up Internet Explorer
| launches. Then I went for a complete virus scan using MBAM
| (Malwarebytes) AVG and then McAfee but these could not find anything
| malicious.
| Yesterday there was something more I found that the icon of F Drive
| (where the problem started) has been changed on its own to that of
| Internet Explorer Icon :( dont know how big is the trap..
| Today I found that one of the above mentioned file from the F Drive
| has gone on its own (the file with internet explorer icon) but the
| system info file is still there. I downloaded SAS (super antispyware)
| it found some 75 threats 25 were from registry and rest were other
| files. Most were tracking files. But the files I was concerned was
| still there.

| 2) Now today something more happened. I had this another antispyware
| on my lappy (i gss some spyhunter or something) which I uninstalled
| through add/remove route. after uninstalling was completed it asked if
| I want to restart my lappy and clicked yes. But nothing happened. no
| restart sequence began. Then I tried to restart/shutdown manually but
| again nothing happened. It remains as it is.
| Do you think it can happen because of the removal of that
| antispyware?? What can I do to solve this problem?

| This is just to tell you that I am using Mozilla Firefox, I have Win
| XP in my laptop.
| If you need any more information do mail me. I will be thankful if you
| could help me out of this problem.

| Regards
| Zafar

Well you have the indications of an AutoRun Worm and maybe something else.



Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

Then post the contents of the HJT log in your post in one of the below expert forums...

{ Please - Do NOT post the HJT Log here ! }

Forums where you can get expert advice for HiJack This! (HJT) Logs.

NOTE: Registration is REQUIRED in any of the below before posting a log

Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0

Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.malwarebytes.org/forums/index.php?showforum=7

Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
Re: Zlob.Trojan

I am doing what you have said.
But what about the 2nd problem i.e. my laptop is not shutting down?
Can you suggest any forun where I can raise this issue?
 
Re: Zlob.Trojan

mariner_simple wrote:

> I am doing what you have said.
> But what about the 2nd problem i.e. my laptop is not shutting down?
> Can you suggest any forun where I can raise this issue?

In all probability your laptop isn't shutting down because it is infected.
Get the laptop completely cleaned up first and then if you still have the
problem, post back.

Malke
--
MS-MVP
Elephant Boy Computers - Don't Panic!
FAQ - http://www.elephantboycomputers.com/#FAQ
 
Re: Zlob.Trojan

Hii Malke,
Got your point.
I am doing as Dave has recommended. I mean I have already posted my
HJT Log in the forum and I am waiting for any expert comment there.
Till then you are free :) as I wont be bothering you..
Regards
Zafar
(I guess you and Dave work together..??)
 
Re: Zlob.Trojan

mariner_simple wrote:

> Hii Malke,
> Got your point.
> I am doing as Dave has recommended. I mean I have already posted my
> HJT Log in the forum and I am waiting for any expert comment there.
> Till then you are free :) as I wont be bothering you..
> Regards
> Zafar
> (I guess you and Dave work together..??)

No, we don't work together. We just often are of the same mind. ;-)

Malke
--
MS-MVP
Elephant Boy Computers - Don't Panic!
FAQ - http://www.elephantboycomputers.com/#FAQ
 
Re: Zlob.Trojan

Hii Dave/Malke,
How are you people doing.
First of all thanks for all the help you people given me here at this
forum in getting rid of my problems.
Now I am free of problems related to viruses.
But I would like to keep bugging you with my new querries :) hope you
dont mind.
Actually I want to increase the partition size of my C Drive . I have
win XP in my lappy. Its hard drive is partitioned in 3 parts C:10GB, D:
10GB & E:20GB. But it seems that I need some more space for C drive.
Could you tell me if it is possible? What all ways are there for the
same?
Regards
Zafar
 
Re: Zlob.Trojan

From: "mariner_simple" <z.n.alam@gmail.com>

| Hii Dave/Malke,
| How are you people doing.
| First of all thanks for all the help you people given me here at this
| forum in getting rid of my problems.
| Now I am free of problems related to viruses.
| But I would like to keep bugging you with my new querries :) hope you
| dont mind.
| Actually I want to increase the partition size of my C Drive . I have
| win XP in my lappy. Its hard drive is partitioned in 3 parts C:10GB, D:
| 10GB & E:20GB. But it seems that I need some more space for C drive.
| Could you tell me if it is possible? What all ways are there for the
| same?
| Regards
| Zafar

Zafar:

In the future, please create your OWN new post. We will respond if possible.

As for your question...
You need software such as Partition Magic.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
Re: Zlob.Trojan

> As for your question...
> You need software such as Partition Magic.

...but FIRST, ...a full back up !! :-)

....and a LOT of caution, and a significant amount of research. e.g. you
might like to Google on "Boot it NG" which used to be free ?
http://www.terabyteunlimited.com/bootit-next-generation-ss.htm and use
"slide" to move stuff away from the front end of your partitions etc.

regards, Richard


>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>
>
 
Back
Top