SmartFeedSmartFeed          

Porsche Hangout


WELCOME - YOU ARE CURRENTLY VIEWING 419EATER AS A GUEST

By joining our community you will have the ability to post topics and access other forums reserved for members. Registration is quick, simple and absolutely free. Join our community today by clicking here.

ScamWarners.com - Internet Anti-Fraud Center - now open!


 zlob.trojan

View next topic
View previous topic
 
Post new topicReply to topic
Author Message
Nurse Nasty
Eloquent Noob


Joined: 31 Aug 2005
Posts: 7255
Location: Australia, where a dingo stole my eski


PostPosted: Wed Sep 10, 2008 12:40 pm Reply with quoteBack to top

stupid thing won't get off my machine.

Who knows of a free download tool that will get rid of it?

_________________
[Support 419Eater] l [Get Premium!] l [Helpful stuff] l [ScamWarners]

vv Nasty Predicaments vv
Porno-Lad
Musa Crocodile
Comic Lads


Starstarstarstarstar Easter Egg 2012
GoatPurple FlowerMc FryGolden PithGolden Pith
View user's profileSend private messageSkype Name
Rover
Site Admin


Joined: 13 Apr 2004
Posts: 15758
Location: North of the Limpopo


PostPosted: Wed Sep 10, 2008 12:46 pm Reply with quoteBack to top

You can remove it manually.

Instructions here

http://www.411-spyware.com/remove-zlob

_________________
Rover

Latest Anti Fraud News | Email Header Analysis | Help keep Eater running | Join 419Eater on Facebook Easter 2015
View user's profileSend private messageSend e-mailSkype Name
Inspector Gadget
Angel of unrealistic meetings


Joined: 20 Feb 2007
Posts: 6108
Location: Trumpton


PostPosted: Wed Sep 10, 2008 12:46 pm Reply with quoteBack to top

http://www.pctools.com/spyware-doctor/?ref=google_th&gclid=CL6pldOf0ZUCFQ0yQgodx0kNiA

That'll zap it. (hopefully)

Or spend an hour or so doing it manually :
honkingly long link

_________________
Easter 2015 x2 Pith Helmet Co bait with Rumbero Sao Tome island to Gabon van donation
Pith Helmet Co bait with Jayhawk and VJD. Stanley's bottle tour Aba to Lagos
Pith Helmet Pith Helmet Team Hector, airport in installments and St Louis to Kayes
Pith Helmet Halil, Cotonou to Accra
Pith Helmet + Sand Timer Precious 10/08/11
Cellphone x8 Nigeria Spain Mortar x33 Closed lad accounts x 73 Goat
grown up man like him, still doing all this shit games - Stanley, (he doesn't like Parcel Direct)
You again do the strange reflections stuffed with drugs? - Natalia
Sand Timer x3 Hector 24/1/13 Sand Timer Moses 15th Oct 2011
Pretty Rose Sand Timer x 2Mick Ole 11th Sept 2014-16 Sand Timer Asare Akuffo start 4th Aug 2014
View user's profileSend private messageSkype Name
Jimmy_Jones
Master Baiter


Joined: 01 Jul 2008
Posts: 153
Location: In my bed!!


PostPosted: Wed Sep 10, 2008 1:13 pm Reply with quoteBack to top

Nurse use Malware Antibytes

it removed 99.9% of stuff

might have to do it in safe mode

_________________
My avatar is not me
Cellphone pony pony Closed lad accounts x 1
I 'm a fucking scammer, send me money or leave me the fuck alone! - Tatyana
View user's profileSend private message
Nurse Nasty
Eloquent Noob


Joined: 31 Aug 2005
Posts: 7255
Location: Australia, where a dingo stole my eski


PostPosted: Wed Sep 10, 2008 10:19 pm Reply with quoteBack to top

I hate this bug.

Quote:
may disable your anti-spyware or anti-virus software and firewall, and block your access to anti-spyware sites. May be very difficult to manually remove.


I've gotten rid of it, I think. It just won't let me start zonealarm or visit any links that has the information to fix it. Evil or Very Mad Evil or Very Mad

_________________
[Support 419Eater] l [Get Premium!] l [Helpful stuff] l [ScamWarners]

vv Nasty Predicaments vv
Porno-Lad
Musa Crocodile
Comic Lads


Starstarstarstarstar Easter Egg 2012
GoatPurple FlowerMc FryGolden PithGolden Pith
View user's profileSend private messageSkype Name
Akai Ryu
Chuck Norris


Joined: 11 Jun 2007
Posts: 1369


PostPosted: Wed Sep 10, 2008 10:32 pm Reply with quoteBack to top

Quote:

I've gotten rid of it, I think. It just won't let me start zonealarm or visit any links that has the information to fix it.


Nope, still lingering there if it disables your firewall and blocks certain security websites.

Try this download, Malwarebytes Anti-Malware:

http://www.malwarebytes.org/mbam.php

That's what a lot of the security fora (such as Castle Cops) will tell you to do first. It's what I have on my own machine as well.

_________________
Several hundred fake escrows (and others) deaded--no longer counting.

aa419.org --dead a fake site today.

No, Akai, you're a wonderful bitch. --Reaper
View user's profileSend private messageVisit poster's websiteSkype Name
GordonBennett
Baiting Guru


Joined: 29 Mar 2007
Posts: 2829
Location: Pedicabo ego vos et irrumabo


PostPosted: Thu Sep 11, 2008 2:16 am Reply with quoteBack to top

Also do a search for your 'hosts' file and delete any mention of antivirus sites contained within

_________________
Ninja
DIE MUDER FUCKER

Purple Flower
View user's profileSend private message
Anti-419
Elite Baiter


Joined: 28 Jul 2004
Posts: 1804
Location: Bay Area, CA


PostPosted: Thu Sep 11, 2008 5:48 am Reply with quoteBack to top

I've cleaning up viruses for the past few days at work...

A couple of things to make sure...

Boot into Safe Mode... Disable System Restore Folder for Windows XP or ME

Then Run virus scan with latest Definition

Some virus needs to be cleaned out from Registry

_________________
Barr Marc Hycinth: "I HATE HOW MY NAME IS BEEN RUBISHED AT THE CASHING OFFICE TODAY."
Safari Lad: "...your mails are a healing balm to my condiction here."
Jeremiah Nnamani: "With you I wouldn't mind being a fool for the rest of my life."
James Bruce: "Thanks for your mail and also your insult to my personality and company."

Baiting Record:
Trophies - 128 | 4 AM Airport Taxi - 6
Nurse Nastys Audi TT Safari - Sierra Leone to Nigeria - "...please help me ,you brought me here to NIgeria.take me out."
Mortar x14
View user's profileSend private message
Nurse Nasty
Eloquent Noob


Joined: 31 Aug 2005
Posts: 7255
Location: Australia, where a dingo stole my eski


PostPosted: Thu Sep 11, 2008 6:19 am Reply with quoteBack to top

I've done everything here.

Sites are still redirecting, and I can't browse to get information to clean it up.

I leave my PC for 2 hours yesterday with strict instructions for no-one to do anything. Then a get the phone call - 'Umm I think I've downloaded something'

I'm getting really irate with the whole bloody thing.

I've even gone and manually searched for each and every file and cleaned out the registry.

Antivirus XP 2008 is the culprit. Seeing as I can't browsr to sites that discuss fixing the browser re-direct issue, can some-one lovely please post some info for me. Very Happy

_________________
[Support 419Eater] l [Get Premium!] l [Helpful stuff] l [ScamWarners]

vv Nasty Predicaments vv
Porno-Lad
Musa Crocodile
Comic Lads


Starstarstarstarstar Easter Egg 2012
GoatPurple FlowerMc FryGolden PithGolden Pith
View user's profileSend private messageSkype Name
Simba
master of subtlety


Joined: 19 Nov 2006
Posts: 4092
Location: Bila Shaka


PostPosted: Thu Sep 11, 2008 8:16 am Reply with quoteBack to top

@NN - Try this one, its always gotten rid of Zlob for me....

spybot search and destroy.

http://www.safer-networking.org/index2.html

_________________
Golden Pith=5imba Safari Camps
Safari=King Zongo-Ouaga to Accra to Lome to Accra to Lome
Safari=Mr Duru-Ouaga to Accra to Ouaga to Abidjan
Safari=Mr Yetonde-Sierra Leone to Accra
Safari=Mr Jiullus-Abidjan to Accra to Kumasi to Tamale
Safari=Mr Dandy-Abidjan to Monrovia-SSC Liberia
Safari=Mr Mandela-Jo'burg to Maun-SSC Botswana
Safari=Mr Danka-Dakar to Bangul-SSC Gambia
Safari=Mr Twumasi-Accra to Cotonou-SSC Benin
Safari=Mr Gomer-Lagos to Douala to Parakou-SSC Cameroon & SSC Benin
SafariSafariSafari=Mr Chukwu-Lome to Accra to Koforidua. Lome to Lagos. Lome to Cotonou.

Ivory Coast Nigeria Sierra Leone Somolia Liberian Flag Gambia South Africa Kenya Angola Flag Guinea Bissau Burkina Faso Ghana Mali cameroon Benin Senegal Togo
View user's profileSend private message
Nurse Nasty
Eloquent Noob


Joined: 31 Aug 2005
Posts: 7255
Location: Australia, where a dingo stole my eski


PostPosted: Thu Sep 11, 2008 11:28 am Reply with quoteBack to top

Thanks guys! That wasn't fun.

I've left a big note on my desktop.

'NO-ONE BUT ME TOUCHES THIS - WILL TRADE YOUR BODY PARTS FOR PC REPAIRS'

_________________
[Support 419Eater] l [Get Premium!] l [Helpful stuff] l [ScamWarners]

vv Nasty Predicaments vv
Porno-Lad
Musa Crocodile
Comic Lads


Starstarstarstarstar Easter Egg 2012
GoatPurple FlowerMc FryGolden PithGolden Pith
View user's profileSend private messageSkype Name
FloridaBaiter
Not quite a Newb


Joined: 18 Aug 2008
Posts: 60
Location: Surfing the Hurricane Swells


PostPosted: Thu Sep 11, 2008 12:00 pm Reply with quoteBack to top

I used the MalwareBytes to get rid of it, PLEASE let me know if that didn't work, I'll contact them about it.

Interesting you posted almost the same thing I did about using the computer, mine was different in threat "There are gators here, they'll never FIND the body parts!"

_________________
"I won't like someone to double-cross me after this transaction." Phil "Mickleson" Marks (uh oh!)

" I will not fail to bring to your notice this transaction is hitch-free and that you should not entertain any atom of fear as all required arrangements have been made for the transfer."
Mr. Richard Omoh

スコットはASSHAT である
I'm not really a Doctor, I just play one on 419Eater
View user's profileSend private message
Frodo
Gone fishin'


Joined: 06 Apr 2004
Posts: 2592
Location: The Shire


PostPosted: Thu Sep 11, 2008 3:19 pm Reply with quoteBack to top

Don't forget to change all your passwords.
View user's profileSend private message
Anti-419
Elite Baiter


Joined: 28 Jul 2004
Posts: 1804
Location: Bay Area, CA


PostPosted: Thu Sep 11, 2008 5:20 pm Reply with quoteBack to top

Nurse Nasty wrote:
Antivirus XP 2008 is the culprit. Seeing as I can't
browsr to sites that discuss fixing the browser re-direct issue, can some-one lovely please post some info for me. Very Happy


Idea Ahh.... I remember cleaning this one from a users laptop yesterday.

Here's the linky how to exterminate this bug:

http://www.symantec.com/norton/security_response/writeup.jsp?docid=2008-050906-3727-99&tabid=3

_________________
Barr Marc Hycinth: "I HATE HOW MY NAME IS BEEN RUBISHED AT THE CASHING OFFICE TODAY."
Safari Lad: "...your mails are a healing balm to my condiction here."
Jeremiah Nnamani: "With you I wouldn't mind being a fool for the rest of my life."
James Bruce: "Thanks for your mail and also your insult to my personality and company."

Baiting Record:
Trophies - 128 | 4 AM Airport Taxi - 6
Nurse Nastys Audi TT Safari - Sierra Leone to Nigeria - "...please help me ,you brought me here to NIgeria.take me out."
Mortar x14
View user's profileSend private message
Agi Hammerthief
Infidel


Joined: 12 Mar 2006
Posts: 667
Location: .de


PostPosted: Thu Sep 11, 2008 8:51 pm Reply with quoteBack to top

Nurse Nasty wrote:
Thanks guys! That wasn't fun.

I've left a big note on my desktop.

'NO-ONE BUT ME TOUCHES THIS - WILL TRADE YOUR BODY PARTS FOR PC REPAIRS'


lol, can't you lock the 'putr with a password?

why not build a box with a red button and a tag "don't press - will end universe"

want to bet how long before you get that phone call "nothing happened!?!?!"

_________________
only posting Surplus Letters from my personal mailbox

in gods we trust - all others pay cash

hug the trolls - maybe it will help them to stop being a worthless piece of trash

CellphoneCellphoneCellphoneCellphoneCellphone CellphoneCellphoneCellphone Cayman Islands United Kingdom x3 Nigeria
View user's profileSend private messageSkype Name
Nurse Nasty
Eloquent Noob


Joined: 31 Aug 2005
Posts: 7255
Location: Australia, where a dingo stole my eski


PostPosted: Thu Sep 11, 2008 11:51 pm Reply with quoteBack to top

I'm looking for a decent alternative firewall to zonealarm. Any recommendations?

_________________
[Support 419Eater] l [Get Premium!] l [Helpful stuff] l [ScamWarners]

vv Nasty Predicaments vv
Porno-Lad
Musa Crocodile
Comic Lads


Starstarstarstarstar Easter Egg 2012
GoatPurple FlowerMc FryGolden PithGolden Pith
View user's profileSend private messageSkype Name
Anti-419
Elite Baiter


Joined: 28 Jul 2004
Posts: 1804
Location: Bay Area, CA


PostPosted: Fri Sep 12, 2008 12:02 am Reply with quoteBack to top

Comodo Firewall is Free and it's good... It has pretty good review on CNet

http://www.personalfirewall.comodo.com/

Not sure about this one... It seems pretty good

http://www2.ashampoo.com/webcache/html/1/home_2.htm

_________________
Barr Marc Hycinth: "I HATE HOW MY NAME IS BEEN RUBISHED AT THE CASHING OFFICE TODAY."
Safari Lad: "...your mails are a healing balm to my condiction here."
Jeremiah Nnamani: "With you I wouldn't mind being a fool for the rest of my life."
James Bruce: "Thanks for your mail and also your insult to my personality and company."

Baiting Record:
Trophies - 128 | 4 AM Airport Taxi - 6
Nurse Nastys Audi TT Safari - Sierra Leone to Nigeria - "...please help me ,you brought me here to NIgeria.take me out."
Mortar x14
View user's profileSend private message
A Skinner
Texas Lad-Saw Massacre


Joined: 16 Nov 2003
Posts: 3662
Location: Texas, USA


PostPosted: Fri Sep 12, 2008 12:32 am Reply with quoteBack to top

@NN - If you find a better firewall than Zone Alarm let us know how it works out. I just finished uninstalling ZA Pro. It was blocking my Skype off and on. It has caused lots of trouble. I may install the free edition, but would rather have something else.

_________________
Safari Safari Safari Mortar x 25
Closed lad accounts X ? Nurse Nastys Audi TT x3 Purple Flower
Sand Timer x2 Easter Egg 2012 Nigeria Benin United Kingdom Ghana
SINCE YOU MADE ME TO GIVE MY CAR AWAY AND ALL THE DISAPOINTMENTS YOU GAVE TO ME,WHICH MADE ME TO STOP CONTACTING YOU. PLEASE DO NOT INVOLVE ME WITH ANYTHING YOU ARE DOING WITH ANYBODY, PLEASE DONT INVOLVE ME.I DONT WANT ANYTHING THAT WILL JEOPARDIZE MY IMAGE IN THIS COUNTRY.I AM A HUMANITARIAN LAWYER.

infact am getting tired with all this speculation in this transaction, honestly if i had known that this is the kind of person you are i would not have contacted for an assistance

Urgent??? Impotent massage

* Help Keep Eater Running - Click here to donate
View user's profileSend private messageSkype Name
Nurse Nasty
Eloquent Noob


Joined: 31 Aug 2005
Posts: 7255
Location: Australia, where a dingo stole my eski


PostPosted: Fri Sep 12, 2008 2:06 am Reply with quoteBack to top

Just installed Comodo on my network, and so far I like it.

Comodo doesn't like skype very much either. Very Happy

_________________
[Support 419Eater] l [Get Premium!] l [Helpful stuff] l [ScamWarners]

vv Nasty Predicaments vv
Porno-Lad
Musa Crocodile
Comic Lads


Starstarstarstarstar Easter Egg 2012
GoatPurple FlowerMc FryGolden PithGolden Pith
View user's profileSend private messageSkype Name
Nurse Nasty
Eloquent Noob


Joined: 31 Aug 2005
Posts: 7255
Location: Australia, where a dingo stole my eski


PostPosted: Sat Sep 13, 2008 2:51 am Reply with quoteBack to top

Comodo is great. 1 little tip; There are settings on the level of security the program offers. Just don't use the 'paranoid' setting. It locks you out of everything. You need to boot in safe mode, unistall the firewall and restart -> reinstall again.

Very Happy

_________________
[Support 419Eater] l [Get Premium!] l [Helpful stuff] l [ScamWarners]

vv Nasty Predicaments vv
Porno-Lad
Musa Crocodile
Comic Lads


Starstarstarstarstar Easter Egg 2012
GoatPurple FlowerMc FryGolden PithGolden Pith
View user's profileSend private messageSkype Name
Old No. 7
Master of Master Baiters


Joined: 31 Jul 2007
Posts: 777
Location: Somewhere Else


PostPosted: Sat Sep 13, 2008 8:19 am Reply with quoteBack to top

Diverting the thread I know, but as a ZAP user (but no tech expert) if ZAP is blocking some of your sites/utilities, have you tried creating Zones or Expert Rules to allow your Skype to operate?

Shortly after installing ZAP I was having trouble with my internet connection, went to the support forum, added the relevant server IP's in a rule and never had a problem since. My AV NOD32 also advises creating rules for ZAP to ensure it allows automatic updates.

[/divert]

_________________
200+ sites killed, from these countries => United Kingdom Netherlands Russia Nigeria Switzerland Ukraine South Africa Germany United States Canada Senegal Benin Spain Ghana Ivory Coast Cambodia Flag United Nations

pony pony pony Closed lad accounts Mortar

Like my flags? Want some of your own? Let justjay teach you how to kill sites here (clicky).

Hobbes may have retired, but get his brilliant WriteJunk here (clicky) and never touch a .dll again

Proud to be a mouth-breather who posted a load of shit but who has now also disappeared into the night
View user's profileSend private message
A Skinner
Texas Lad-Saw Massacre


Joined: 16 Nov 2003
Posts: 3662
Location: Texas, USA


PostPosted: Sat Sep 13, 2008 2:32 pm Reply with quoteBack to top

I was never able to figure out how to set up an Expert Rule. My ZAP would let things like Skype thru sometimes and not others. Then again, it may have just been my ISP or my computer. Things are working better without ZAP.

Quote:
have you tried creating Zones or Expert Rules

_________________
Safari Safari Safari Mortar x 25
Closed lad accounts X ? Nurse Nastys Audi TT x3 Purple Flower
Sand Timer x2 Easter Egg 2012 Nigeria Benin United Kingdom Ghana
SINCE YOU MADE ME TO GIVE MY CAR AWAY AND ALL THE DISAPOINTMENTS YOU GAVE TO ME,WHICH MADE ME TO STOP CONTACTING YOU. PLEASE DO NOT INVOLVE ME WITH ANYTHING YOU ARE DOING WITH ANYBODY, PLEASE DONT INVOLVE ME.I DONT WANT ANYTHING THAT WILL JEOPARDIZE MY IMAGE IN THIS COUNTRY.I AM A HUMANITARIAN LAWYER.

infact am getting tired with all this speculation in this transaction, honestly if i had known that this is the kind of person you are i would not have contacted for an assistance

Urgent??? Impotent massage

* Help Keep Eater Running - Click here to donate
View user's profileSend private messageSkype Name
PsycheDelia_Smith
Architect of misfortune


Joined: 30 Oct 2004
Posts: 3573
Location: Devon, UK


PostPosted: Sun Sep 14, 2008 10:48 am Reply with quoteBack to top

I'm so glad I dumped Windoze a long time ago.

If you're behind a router, and most people are these days, you're already quite well-protected from incoming connections, and a software firewall solution is kind of pointless, unless you have UP&P enabled, in which case you are beyond help of any kind. That being said, some method of controlling outbound connections is a must, to prevent malware phoning home. Even that 'innocent' freeware you installed very likely has a spyware payload, that's busy profiling you without your consent and sending home details about what you watch, what you listen to, what sites you visit.

Zone alarm seems to cover that well enough. When I refit an OS on a customer's machine, it's the one extra thing I always install. Doesn't ZA prompt you to allow access for each program, the first time you run it? If you select the "always allow" checkbox when you first run Skype, it shouldn't be blocked until you fit a new version of it.

_________________
SATISFIED CLIENTS:
"I was forced to sell off my designers black suit to be able to return back to Ouagadougou and on my coming back here my wife
took me to the cyber cafe and showed me the site where my photographs of circumcision was put on the net."-'Tosser' 0gugu0

"I am now completely twatted and shagged and will obey all your instructions to the fullest."-"Tosser" Oguguo

Golden Pith "Frankily speaking,I wouldn't want to travel to the far east again."-Edward Smith, Lagos-Singapore (14600 miles round trip via Dubai)


9x Safari 4 x Lagos-Accra , 3x Port Harcourt - Ibadan, 1x Lagos-Singapore, 1x Burkina-Bamako
Netherlands Nigeria Ghana South Africa
Sand Timer'Ed', 3 yrs 8 mnths Sand Timer'Oguguo',6 years and 4 months
View user's profileSend private message
Display posts from previous:      
Post new topicReply to topic


 Jump to:   



View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



E-Mail Header Analysis


All Content © 2003 - 419Eater.com
Powered by phpBB © 2001, 2002 phpBB Group :S5: FI Theme :: All times are GMT