antispystorm

Secure Home | Search | About

Lost Password?

Microsoft Applications Security

get this group's latest topics as an RSS feed

add this group's latest topics to your My MSN content

add this group's latest topics to your My Yahoo content

add this group's latest topics to your Google content

Subject

Author

Date

antispystorm

goodknees

10-22-2007

Malke

goo

Malke

goo

jen

goo

Posted by =?Utf-8?B?Z29vZGtuZWVz?= on October 22, 2007, 10:01 am

If you were Registered and logged in, you could reply and use other advanced thread options

I've been hit by antispystorm even though I have Norton Internet Package.
Extra scan with the Norton didn't eliminate it. On my own, I deleted some of
the virus. Still have problems...three worst problems are: 1) task manager
disabled, 2) desktop background always changes back to note, 'you've been
infected...', and 3) searching with 'antispystorm' redirects my search to
blank screen. Thanks for help.

Posted by Malke on October 22, 2007, 10:06 am

If you were Registered and logged in, you could reply and use other advanced thread options

goodknees wrote:

> I've been hit by antispystorm even though I have Norton Internet Package.

> Extra scan with the Norton didn't eliminate it. On my own, I deleted some of

> the virus. Still have problems...three worst problems are: 1) task manager

> disabled, 2) desktop background always changes back to note, 'you've been

> infected...', and 3) searching with 'antispystorm' redirects my search to

> blank screen. Thanks for help.

This is one of the many variants of the Zlob trojan.

Do the preparatory steps here:
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Then do the specific removal steps here:
http://www.elephantboycomputers.com/page2.html#Winfixer

You can also check to see if there are targeted removal steps for your
malware here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html

When all else fails, run HijackThis and post your log in one of the
specialty forums listed at the first link above (not here, please).

Not all tools used will work in Vista and you will need to run them
elevated. Since Vista is so new, it will be a while before removal
techniques and tools are developed. If you are unable to remove the
infection by following the general steps, register at one of the
HijackThis forums as suggested.

Standard caveat: If the procedures look too complex - and there is no
shame in admitting this isn't your cup of tea - take the machine to a
professional computer repair shop (not your local version of
BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may
be so infested that Windows will need to be clean-installed. Have all
your data backed up before you take the machine into a shop.

Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User

Posted by =?Utf-8?B?Z29vZGtuZWVz?= on October 22, 2007, 11:40 am

If you were Registered and logged in, you could reply and use other advanced thread options

Similar to my #3 item of redirect, when I go to the elephantboy web site and
click on 'removing malware', the virus redirects me to a blank screen. Is
there a folder, file, technique, etc. for manually deleting that 'thing'
causing the redirect? Thanks.

"Malke" wrote:

> goodknees wrote:

> > I've been hit by antispystorm even though I have Norton Internet Package.

> > Extra scan with the Norton didn't eliminate it. On my own, I deleted some

> > the virus. Still have problems...three worst problems are: 1) task manager

> > disabled, 2) desktop background always changes back to note, 'you've been

> > infected...', and 3) searching with 'antispystorm' redirects my search to

> > blank screen. Thanks for help.

> This is one of the many variants of the Zlob trojan.

> Do the preparatory steps here:

> http://www.elephantboycomputers.com/page2.html#Removing_Malware

> Then do the specific removal steps here:

> http://www.elephantboycomputers.com/page2.html#Winfixer

> You can also check to see if there are targeted removal steps for your

> malware here:

> Bleeping Computer removal how-to's -

> http://www.bleepingcomputer.com/forums/forum55.html

> When all else fails, run HijackThis and post your log in one of the

> specialty forums listed at the first link above (not here, please).

> Not all tools used will work in Vista and you will need to run them

> elevated. Since Vista is so new, it will be a while before removal

> techniques and tools are developed. If you are unable to remove the

> infection by following the general steps, register at one of the

> HijackThis forums as suggested.

> Standard caveat: If the procedures look too complex - and there is no

> shame in admitting this isn't your cup of tea - take the machine to a

> professional computer repair shop (not your local version of

> BigComputerStore/GeekSquad). Please be aware that not all local shops

> are skilled at removing malware and even if they are, your computer may

> be so infested that Windows will need to be clean-installed. Have all

> your data backed up before you take the machine into a shop.

> Malke

> --

> Elephant Boy Computers

> www.elephantboycomputers.com

> "Don't Panic!"

> MS-MVP Windows - Shell/User

Posted by Malke on October 22, 2007, 2:11 pm

If you were Registered and logged in, you could reply and use other advanced thread options

goodknees wrote:

> Similar to my #3 item of redirect, when I go to the elephantboy web site and

> click on 'removing malware', the virus redirects me to a blank screen. Is

> there a folder, file, technique, etc. for manually deleting that 'thing'

> causing the redirect? Thanks.

Use a different known-clean computer to read the instructions and get
the removal tools you will need.

Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User

Posted by =?Utf-8?B?Z29vZGtuZWVz?= on October 22, 2007, 3:43 pm

If you were Registered and logged in, you could reply and use other advanced thread options

I used clean machine for information and went back to infected machine. The
virus must have 'bleepingcomputer.com' on it's 'watch' list because it
redirects away from the suggested web site, 'bleepingcomputer.com'. Looks
like I have to reinstall Windows XP. That is, of course, uless someone knows
and could relate to me some folders or files that typically do such
redirecting. I'd delete them and see if that stops the redirecting so I
could access the suggested web sites from the infected machine. Since I'm
going to reinstall the operating system, nothing lost if deleting fails or
makes operation worse. Thanks for suggestions.

"Malke" wrote:

> goodknees wrote:

> > Similar to my #3 item of redirect, when I go to the elephantboy web site and

> > click on 'removing malware', the virus redirects me to a blank screen. Is

> > there a folder, file, technique, etc. for manually deleting that 'thing'

> > causing the redirect? Thanks.

> Use a different known-clean computer to read the instructions and get

> the removal tools you will need.

> Malke

> --

> Elephant Boy Computers

> www.elephantboycomputers.com

> "Don't Panic!"

> MS-MVP Windows - Shell/User

The site map in XML format XML site map