42 replies to this topic

[Matty.N]

I've sent a PM with email address...

Here's just a couple that's came up so far, i'm sure it'll reveal many online addictions...

Zlob.VideoActiveXObject
Zlob.VideoActiveXAccess
Zlob.Downloader.ned
Win32.FraudLoad.edt
Win32.Delf.rtk
Win32.BHO.sx

Zlob trojan - Wikipedia, the free encyclopedia

Trojan-Downloader.Win32.FraudLoad.abk Removal Instructions and Information :: Uninstall, Remove and Delete Trojan-Downloader.Win32.FraudLoad.abk

Do you reckon that once the scan is complete (what's after that - i take it it'll give me the option to fix/delete the files?), the next step is to repair the registry - what's the chances i'll get that done?

id recommend a fresh reinstall & copy what documents you have as quickly as you can

as for the registry, i doubt it will be repairable by programs but will have to do it manually, a google search searching for what needs to be done should suffice, but only mess with the registry at you own risk

[mattyballs]

I've sent a PM with email address...

Here's just a couple that's came up so far, i'm sure it'll reveal many online addictions...

Zlob.VideoActiveXObject
Zlob.VideoActiveXAccess
Zlob.Downloader.ned
Win32.FraudLoad.edt
Win32.Delf.rtk
Win32.BHO.sx

Do you reckon that once the scan is complete (what's after that - i take it it'll give me the option to fix/delete the files?), the next step is to repair the registry - what's the chances i'll get that done?

carry on till its done m8,,,did u get me email..with bits

[stuart4000]

Yep, got the email, with bits.

Having to run the scan again, when it got near the end, it popped up an error and said it needed to close - i'm hoping that was a one off...

[mattyballs]

Yep, got the email, with bits.

Having to run the scan again, when it got near the end, it popped up an error and said it needed to close - i'm hoping that was a one off...

yeah so do i....did u get them exes ok you better try em out..cos im shite at attachments..lol

[stuart4000]

MessageSkinner.rtk
Altnet
Advanced Cleaner
FunWebProducts
MagicAntiSpy
Microsoft.Windows.FileExe
MyWay.MyBar
MyWay.MyWebSearch
Smitfraud-C
Smitfraud-C.generic
Spyware-Secure
Virtumonde.sci
Win32.BHO.sx
Win32.FraudLoad.edt
Zlob (see above post)...
Win32.Delf.rtk

Near the end now - take it i'm hitting the fix button next?

[mattyballs]

MessageSkinner.rtk
Altnet
Advanced Cleaner
FunWebProducts
MagicAntiSpy
Microsoft.Windows.FileExe
MyWay.MyBar
MyWay.MyWebSearch
Smitfraud-C
Smitfraud-C.generic
Spyware-Secure
Virtumonde.sci
Win32.BHO.sx
Win32.FraudLoad.edt
Zlob (see above post)...
Win32.Delf.rtk

Near the end now - take it i'm hitting the fix button next?

finger xed

[Matty.N]

messenger skinner, if thats part of MSN plus or its an addon for MSN Plus then that should be safe to add as ive got/had it & never had no problems thrown up by the evilest of all security..... norton D:

if not part of msn plus then dont reinstall

[stuart4000]

Win32.TDSS.reg
Win32.TDSS.rtk

couple of late additions

[stuart4000]

It fixed everything (apparently) apart from:

Win32.BHO.sx
Virtumonde.sci
Smitfraud-C.

It's saying to run the program again on a restart - which i'll do tomorrow.

Cheers for the help so far - i'll copy everything I need tomorrow morning just in case.

Matty - can you let me know when you'll be about tomorrow so you can step me through the bits of the email?

Cheers guys.

[mattyballs]

It fixed everything (apparently) apart from:

Win32.BHO.sx
Virtumonde.sci
Smitfraud-C.

It's saying to run the program again on a restart - which i'll do tomorrow.

Cheers for the help so far - i'll copy everything I need tomorrow morning just in case.

Matty - can you let me know when you'll be about tomorrow so you can step me through the bits of the email?

Cheers guys.

i sent u 2 mails..the first one..i didnt compress the files so fkin email security may have said no to sendin em..(usual safety thing)...so i sent em again but packaged up..so go with the second lot tomorrow...will be about pm onwards m8....good luck

[Matty.N]

i sent u 2 mails..the first one..i didnt compress the files so fkin email security may have said no to sendin em..(usual safety thing)...so i sent em again but packaged up..so go with the second lot tomorrow...will be about pm onwards m8....good luck

upload em to megaupload but not rapidshare as that is poo

[mattyballs]

upload em to megaupload but not rapidshare as that is poo

were sent direct..m8..i just forgot to rar the first lot..

so "the email said no"..........2nd lot went ok

[Zoltar]

You could always try doing 'System Restore' from 'SAFE MODE' if the computer won't let you use it.

Also, a tip for the future. You will get far better results running any scans whilst your computer is in SAFE MODE when you do them.

Noticed how some scans ask you to restart your computer in order to complete the scan? This is because the scanning software can't remove some of the offending problems simply because those problems are already running and generate an 'access denied' warning to the scanning software. So the scanning software asks you to re-boot, and it grabs the problem files before they have an opportunity to run. Once they are running, they will be almost impossible to get rid of. So do your scanning, system restore, and virus checks in SAFE MODE.

So on that same theory, if theres some virus ect... that is stopping System Restore, trying in SAFE MODE before that virus file starts, may be worth a try.

[saynowt]

malware bytes gets rid of smithfraud c

[todd1970]

In situations like this sometimes its easier to take the 'easy' way out bite the bullet and back up your data,format and reinstall windows.

You can spend hours upon hours getting rid of X-file and Y-file only to find its manifested itself again into your registry upon a reboot..viruses like this are notoriously difficult to get rid of.

[stuart4000]

Well it seems on the surface that Spybot has helped - it ran on startup and found a couple of things.

Unlike last night I can now access .exe icons from the desktop.

There's no Russian women advertising in my browswer window either.

Thanks for the above folks, although i'm aware i'm not out of the woods yet - registry scan will be next (when Mattyballs is online to step me through it).

[kriss]

....bit like the virus/Trojan what ever the f*ck it was I got about a month ago, done a complete re-install of my whole system using disks ...f*ckers aint they!...them trojans and that lot.

[stuart4000]

Aye, they're a bastard!

[mattyballs]

sent u a mail m8...soz bout speeelin:biglaugh:

[stuart4000]

Well, it looks like i've managed to save myself from the depths for just now (everything appears back to normal - we'll see how long it lasts).

Huge thanks goes to mattyballs for stepping me through a couple of things, pointing me in the direction of "aquirable" software and the like.

There are some damn good people on here, i've never spoken with matty before last night, and he put up with my low level of knowledge in dealing with this.

A donation to the site will be forthcoming - as soon as someone removes me from the current list of 2.38 million unemployed... but that's another thread.

Cheers
Stuart