| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 92657 | 2008-08-17 22:50:00 | Trojan Spyware. Help | CooLAiR (14094) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 698190 | 2008-08-18 01:14:00 | Well tick the entries the entries I posted anyway then tick fix checked. We'll figure it out later Then reboot then get the other programs |
Speedy Gonzales (78) | ||
| 698191 | 2008-08-18 02:37:00 | ok i have got trojan remover (trial version) now this thing shows up untitled.jpg - 0.13MB (www.zshare.net) what to do now and one more thing should i get free trial version of malware removal? and u diddn't answer that is there a way that the spyware could have turned on the camera and recorded sound and video without letting me know? |
CooLAiR (14094) | ||
| 698192 | 2008-08-18 02:52:00 | Like I said, it depends what the trojan is and what it can do. That entry is ok leave it there (select the 1st option). And let it scan the rest of the registry Spyware doesnt usually turn a camera on, if youre worried unplug it Malwarebytes is free. You only have to pay for it, if u want real-time protection. Which you dont need Download it update it then click on scan |
Speedy Gonzales (78) | ||
| 698193 | 2008-08-18 02:59:00 | but i m using a laptop?? what should i do now? and now i have got this untitled.jpg - 0.16MB (www.zshare.net) |
CooLAiR (14094) | ||
| 698194 | 2008-08-18 03:01:00 | Hi Coolair I am pretty sure that spyware or trojans are unable to turn on hardware such as cameras and record what you do. But for the sake of security, turn off pc once you have finished working with it. What Speedy instructed you to do is perfectly correct, and trojan remover should find, and help you remove, any malware you have installed in your pc. But remember to turn off system restore first and reboot the pc. Another couple of software that can help with your problem are "Spybot Search & Destroy" and Ad-Aware, they can be downloaded if you do a google search. Once you have removed all the nasties and your pc is running good, invest in a good security suite such as eset, because they can most often help you avoiding getting nasties in the first place. |
Sanco (683) | ||
| 698195 | 2008-08-18 03:06:00 | Thanks Sanco I have disabled system restore . but i m not sure wat do u mean by rebooting. does it mean restarting u r computer? |
CooLAiR (14094) | ||
| 698196 | 2008-08-18 03:07:00 | Thats it reboot = restart it | Speedy Gonzales (78) | ||
| 698197 | 2008-08-18 04:06:00 | Thats it reboot = restart it He wouldn't be called Speedy Gonzales otherwise...:p |
Sanco (683) | ||
| 698198 | 2008-08-18 18:06:00 | Malwarebytes' Anti-Malware 1.25 Database version: 1062 Windows 6.0.6000 9:36:42 AM 18/08/2008 mbam-log-08-18-2008 (09-36-42).txt Scan type: Full Scan (C:\|D:\|E:\|) Objects scanned: 138968 Time elapsed: 11 hour(s), 57 minute(s), 48 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 14 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 13 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\W MPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\Applications\myd.ico (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Program Files\Applications\mym.ico (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Program Files\Applications\myp.ico (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Program Files\Applications\myv.ico (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Program Files\Applications\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Program Files\Applications\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Users\Grewal\My Documents\My Music\My Music.url (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Users\Grewal\My Documents\My Pictures\My Pictures.url (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Users\Grewal\My Documents\My Videos\My Video.url (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Users\Grewal\My Documents\My Documents.url (Trojan.Zlob) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Antivirus Scan.url (Trojan.Zlob) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Online Spyware Test.url (Trojan.Zlob) -> Quarantined and deleted successfully. |
CooLAiR (14094) | ||
| 698199 | 2008-08-18 18:08:00 | That is the log from malware bytes it found 27 problem and then fixed em. After seeingg that could u please tell me what actually does this trojan zlob thing do? thanks for this help. really appreciated |
CooLAiR (14094) | ||
| 1 2 3 | |||||