What kind of virus is this?? and how the fuck do I remove it??

[DJ_UFO]

Yeah bro. It was my mistake. Basically, and as a heads up for others, I went to a website to download a porn movie where the rapidshare links where posted. It took like 30 seconds to load and AVG detected some trojan. But, STUPID ME, went back the next day to the same site; this time AVG didn't say shit but the Internet explorer got stuck like for 1 minute loading some shit. I think that's when the shit was penetrating me in the ass.

 

[chewyxrage]

Yeah dude, you gotta look at the file first before you download it. A porn isn't gonna be be something you can download in 30 seconds, and the file size will tell you that

Did you download and run it or was it just the website? Do you have zone alarm?

 

[DJ_UFO]

Yeah dude, you gotta look at the file first before you download it. A porn isn't gonna be be something you can download in 30 seconds, and the file size will tell you that

Did you download and run it or was it just the website? Do you have zone alarm?

No it was just the website. The links where dead. But by loading the website, some script shit raped me. And no I don't have zonealarm, and the virus prevent me from going to any web address containing any antivirus or security company name.

 

[chewyxrage]

That's shitty dude. In the future, download zone alarm, it won't let anything access your computer w/o permission. And if you haven't run a program that would require it, you would know and you can deny access.....

 

[DJ_UFO]

yeah. Well at least the damage seems to be only with i. explorer. No problems with firefox, other than being unable to access antivirus websites and avg now can't download the new virus definitions.

 

[chewyxrage]

yeah. Well at least the damage seems to be only with i. explorer. No problems with firefox, other than being unable to access antivirus websites and avg now can't download the new virus definitions.

Using firefox will protect much more from that script bullshit, definitely.

That is the main reason why it's so popular......

 

[Cutiebaby]

I have a similar issue. My internet seems to work fine, no problems with it.
However when I go to "my computer> documents and settings the pop ups for virus protection begin.. I used both my usual ad aware but that did not help so I went ahead and got the avg and well it found the trojan zlob, however I looked this morning and still cannot get into my files without massive pop ups. I don't know what I am going to do now to find this little fucker. I had to clean this whole computer once on my own with no help from a software, I hope I don't have to do it again but that looks the case.

 

[Delinquent]

at least your problem is limited to ie. I just formatted and installed Vista for the first time and explorer.exe keeps restarting on me whenever I open any explorer related window such as my computer, programs and features, etc. I've searched and tried everything but I can't find anyone that has the exact issue as me. Others will have similar issues where explorer will crash but only when viewing IE like you whereas the actual process explorer.exe either just stops responding or completely disappears and restarts

 

[digger]

No it was just the website. The links where dead. But by loading the website, some script shit raped me. And no I don't have zonealarm, and the virus prevent me from going to any web address containing any antivirus or security company name.

Yeah, the antivirus peeps ought to have some random "stealth" names to get around the viruses that block them from running. Wonder why they haven't thought of that?

One possibility -- Find your "hosts" file and see if it has a bunch of new entries. It should be in c:\Windows\System32\drivers\etc\hosts -- open it up in Notepad and remove any entries you find that talk about security sites. That's one way they try to keep you away from the antivirus companies. It might be hooked in deeper, but it's worth a look.

Sounds like you can still get to Task Manager but the bad process is hidden. Will it let you run REGEDIT?

If so, you may be able to find the key where stuff gets started at boot and rip out everything that isn't essential. Look here --
HKEY_Local_Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Also look for things defined as "services" -- that's where the rootkit would start up and hide its helper processes from the Task Manager.

There's no guarantee that will work; Microsoft came up with a way to keep you from being able to remove certain parts of the system even in REGEDIT -- the first thing they used it for was the f-cking Microsoft Game Zone. (Don't get me started on THAT bit of idiocy!) Virus writers use it sometimes, but not all of them.

The rescue kit approach starting from a clean boot is your best shot.

The virus writer is going to try to fight back, first by not letting you edit your config files or Registry, and then by replacing the bad entries and relaunching his code from as many different places as he can. If you miss one, the whole mess starts up again.

For future reference, Spybot S&D has an add-on called "teatimer" that will not let a drive-by download add anynew entries to your registry until you click "OK"; it's simpler to use than ZoneAlarm, and in my opinion it's better for the average user. Unless you are deliberately installing new software, you can Just Say No.

 

[DJ_UFO]

Thank you digger. There are no entries in the host files, and the run section of the windows registry is clean. who knows where this shit is living and what could be the name of this thing.