Troj_zlob.bvp

Z

Zargot

New Member
hi.

im having a slight problem. my system is infected with a virus called TROJ_ZLOB.BVP. my computer should be relatively safe from viruses, as i have AVG Free Edition, Spybot - Search & Destroy and Trend Micro internet Security (got it with my pc but they stopped updating it..)

trend micro detects this virus but is unable to do anything with it. *scan action was unsuccessful*

ive tried doing selective startup (might not be called that but my pc is in norwegian. its the thing where you go on the start-menu, RUN, write in MSconfig and have your pc restart without anything loading)

anyways, i know what file is infected with the virus. its C:\Programfiler\Video Active X\Object\isadd.dll

some sight lured me into thinking i had to download a program and install it to view the video files.. so mad at myself cus i know im smarter than that. anyways, back to my blablabla-ing.

after the selective startup, i tried to delete the files from the folder but it still said that the files is in use so i cant delete them. i did a CTRL+ALT+DELETE, looked on the processes (?) tab and there i saw a few processes, amongst them Isamini.exe and Isamntr.exe. guess what the files sharing a folder with the infected file is called..?

i tried to cancel these processes and then delete the files, but the processes just popped right back up.

anyone know what i should do? cus its really starting to creep me out:mad:
 
take your Hard drive off and put it in a pc with Strong & updated protection such as Mcafee,Bitdefender10,Avast,AviraAntivir 7,or Norton 06...this way the antivirus can freely delete files as they are not in use (or locked by another process)..also make sure to run spyware and/or trojan scans you never know !!...you shud also consider running scans in safe mode ,ok ?...hope it works out for ya..
cheers
 
Download Smitfraudfix to the desktop.
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

You should print out these instructions, or copy them to a Notepad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.
Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".


The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart anyway into normal Windows. A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt
 
I can clean that infection in 10 mins, haha. It's jsut an advertisement. Go to taht folder, there should be 4 or more files inside of it. Note their file names. Go to www.sysinternals.com. Click on "Process Utilities", download "Process Explorer". Find the four ".exe" applications that are in the Video ActiveX Object folder, within Process Explorer. First, suspend all 4 of them. Then kill them. With the applications not running you will be able to delete them. There are still 2 "dll" files attached to internet explorer.

Open up a command prompt, navigate to the "Video ActiveX Object" folder.

type: cacls filename.dll /p guest:n (hit enter)
hit "y" for yes

type: Cacls otherfilename.dll /p guest:n (hit enter)
hit "y" for yes.

Restart computer, delete the folder.

Post up with any questions to clarify. I'll watch the thread.
 
Troj_zlob.bvp virus

I can't thank you all enough for the information about how to remove this thing.

The Smitfraudfix worked the first time. My computer is back to normal.

THANK YOU - THANK YOU - THANK YOU :D :D :D

I was ready to throw it out the window. :eek:
 
New Offers from Vasile Zalupu

Hi there!
Compare and apply now for a balance transfer credit card!
Transfer your high balances now!
Bad Credit Credit Cards
Have a nice day!
BB!




P.S. if you don't want to see this message please write us to [email protected] with subject "NO ADS" and URL of your forum!
Your URL will be immediately removed from the advertising list!
Thank you for cooperation!
 
You must log in or register to reply here.
Back
Top