Viruses


kio
10-13-2008, 03:20 PM
Anybody familiar with virus removing tools that do the job? I'm looking for something free maybe... It's a spyware program I think, Trojan possibly? It disabled my Task Manager, and I get pop-ups every minute on the bottom with a fake balloon saying My Computer is at risk, with a non-Windows icon thing. I wouldn't mind just wiping everything off the computer since I don't have anything important on it. Any help?

HondasTrail
10-13-2008, 04:59 PM
If there's nothing important on it, just wipe it. Especially if you have XP, since XP needs a fresh install every six months or so.

Erron S.
10-13-2008, 06:28 PM
Did it take over your desktop photo? If it did, you have the SmitFraud virus. My kid got that one from the Cartoon Network popup ad. Just had to click it. lol

There are a few writeups out there to remove it. It took me about 6 hours to get it completely off the laptop. Spybot Search and Destroy was the only one that labeled it as such, but once I had a name to it, it was on. Then it was just Google searching and finding the right steps.

kio
10-13-2008, 06:30 PM
Thanks for the input guys. How would I go about wiping the computer? Do I need any special CDs? I don't need anything on it really, but I'm afraid there is a keylogger I got stuck with from clicking on those gay MySpace messages. :(

HondasTrail
10-14-2008, 07:50 PM
You just need the Windows XP CD. After that all you need to do is go into the BIOS. You can usually get into the BIOS by hitting Del, F1, Tab, one of those buttons when you first start the computer. After that just wander around in the BIOS until you find the primary boot device settings and change it to CD-ROM. After that it's all about following instructions.

bo0stedk2o
10-14-2008, 08:38 PM
Spyware Doctor will wipe everything out, PM me if you want it

Evil_SpeedRacer
10-14-2008, 09:16 PM
What you have is the Zlob trojan/virus. It is not necessary to get out the disk and wipe it either, that's just silly. This thing takes hardly any time to get rid of, guys. FO FREE! Start here and download this:
http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Put that in your browser, and allow the download once the AV prompts you (you do have antivirus, right?). Put this on the desktop. It is all we will need, hopefully. I know it's good, because I had to use it this weekend.

Start the computer in safe mode first thing. That might be a challenge because this dirty little program will try and shut the PC down before you can do that. Once you get the PC started in safe mode without networking, start SmitfraudFix. It will open a CMD window, and scan as well as remove the files. It will ask you to fix the registry, tell it yes. Then it should ask to restart the PC. After that you will need to do the following to get the Task Manager back once you get back into a regular bootup:

As part of the enhanced management available in Windows 2000 and Windows XP, rather than risking a registry change, as an administrator you can enable or disable Windows 2000 Pro or Windows XP Pro's Task Manager using the Group Policy Editor. This can be applied to the local policy. Note: if you are trying to override your organization's group policy, you can't. As soon as you re-authenticate to the domain, the domain or OU Group Policy will rewrite the registry setting. But if the Task Manager was accidentally disabled (see little bitch Zlob virus ftl) or you need to control this item for a set of standalone boxes, this is for you:


Click Start
Click Run
Enter gpedit.msc in the Open box and click OK
In the Group Policy settings window:
Select User Configuration
Select Administrative Templates
Select System
Select Ctrl+Alt+Delete options
Select Remove Task Manager
Double-click the Remove Task Manager option

And as I mentioned above, since the policy is Remove Task Manager, by disabling the policy, you are enabling the Task Manager.

The dirty little bugger disables this for you. Awesome.

That's all folks! Let me know if you need additional assistance.
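As an added worked example (not code from any poster in this thread), the PowerShell script below does the same Task Manager check and fix that the gpedit.msc steps above do by hand, and reports whether the box is domain-joined, since the post notes that domain Group Policy rewrites the setting at the next refresh. It assumes that the "Remove Task Manager" policy is stored as the DWORD value DisableTaskMgr under the Policies\System key (HKCU for the user policy, HKLM for a machine-wide one); the function names and the -Remediate switch are my own.

```powershell
# Added example: audit (and optionally undo) the "Remove Task Manager"
# policy that the Zlob cleanup above has you flip back in gpedit.msc.
# Assumption: the policy lives in the DisableTaskMgr DWORD under
# ...\Policies\System; HKCU is the per-user policy, HKLM the machine one.
# Get-WmiObject is used on purpose so it runs on old Windows PowerShell.
[CmdletBinding()]
param(
    [switch]$Remediate   # delete the value instead of only reporting it
)

$policyPaths = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
)

function Get-TaskManagerPolicyState {
    param([string[]]$Paths)
    foreach ($path in $Paths) {
        $value = $null
        if (Test-Path $path) {
            $item = Get-ItemProperty -Path $path -Name 'DisableTaskMgr' `
                                     -ErrorAction SilentlyContinue
            if ($null -ne $item) { $value = $item.DisableTaskMgr }
        }
        # Value 1 = Task Manager removed; 0 or missing = available.
        [pscustomobject]@{
            Path     = $path
            Value    = $value
            Disabled = ($value -eq 1)
        }
    }
}

function Test-DomainJoined {
    # On a domain member, domain/OU Group Policy will put the value back
    # at the next policy refresh, so a local fix only helps standalone boxes.
    (Get-WmiObject -Class Win32_ComputerSystem).PartOfDomain
}

function Repair-TaskManagerPolicy {
    param([string]$Path)
    # Removing the value is the same end state as "Disabled" in gpedit
    # for the Remove Task Manager policy: taskmgr.exe starts again.
    Remove-ItemProperty -Path $Path -Name 'DisableTaskMgr' -ErrorAction Stop
}

$states = Get-TaskManagerPolicyState -Paths $policyPaths
$states | Format-Table -AutoSize

if (Test-DomainJoined) {
    Write-Warning 'Domain member: a domain or OU policy may re-apply this setting.'
}

foreach ($state in $states | Where-Object { $_.Disabled }) {
    # On a standalone box you never configured, a value of 1 here is a
    # tamper indicator worth noting before you clear it.
    Write-Warning "Task Manager is disabled by policy at $($state.Path)"
    if ($Remediate) {
        Repair-TaskManagerPolicy -Path $state.Path
        Write-Host "Removed DisableTaskMgr from $($state.Path)"
    }
}
```

Run it once without -Remediate from an administrator PowerShell prompt to see which hive carries the value, then again with -Remediate to clear it; no reboot or gpupdate is needed for a local change, Task Manager just starts working on the next Ctrl+Alt+Del.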

kio
10-15-2008, 01:32 PM
Thanks for the help guys, I'll try some steps when I get home to my computer. I'll keep you posted!

Evil_SpeedRacer
10-15-2008, 03:15 PM
I have removed this off of 4 PCs now outside of my own as of today. Each looked exactly the same, and came off easy as pie with these steps. I even surprised the IT guys at work LOLz

kio
10-15-2008, 03:23 PM
Sweet, I'll end up trying what you posted when I get home just to be on the safe side. I used to get these pop-ups from the XP security thing saying there was a Key Logger, Bank Fraud, Green Tea?, Trojan, and something else would pop up every so often. BTW, I saw your Land Rover at Park Meadows a while back with the HAI sticker on it! I called M@ thinking it was Terry's. Anyways, thanks for the info!!

Evil_SpeedRacer
10-15-2008, 04:05 PM
Right on right on. Let me know how it goes. I was wondering how long it would be before someone saw the Rover at PM, the wife works over by the Cheesecake Factory now. Most of the time she has the pickup, but yeah...I think I am the only one who puts stickers in the back window of his LR3 LOLz

kio
10-15-2008, 04:57 PM
Yep, that's where I saw it. Pretty close to the CCFactory.

john
10-15-2008, 05:20 PM
Linux or MacOS ftw. Period.

I know that's not what people like to hear, but it's new, hip and the wave of the future! :)

Evil_SpeedRacer
10-15-2008, 05:46 PM
I need some time to learn some of that, what John said +53536304049389

Time to start using that tuition reimbursement (sp?) at work :)

kio
10-16-2008, 11:15 AM
A mix between SmitfraudFix and that Spyware Doctor fixed it! I'm not sure what did what, but either way the pop-up thing doesn't come up anymore! Thanks guys

Evil_SpeedRacer
10-16-2008, 04:00 PM
Awesome, see! No need to reformat. :D

kio
10-18-2008, 11:19 AM
lol, that would've sucked. Thanks for your help guys I appreciate it!

john
10-18-2008, 12:46 PM
Now stop visiting those porn sites. And don't use IE, ever.

kio
10-18-2008, 01:08 PM
I clicked on a MySpace thing, and yeah some of that pRon. I'm using Firefox now.

Street_Kings
10-18-2008, 06:09 PM
Firefox with stopscript installed will get you pretty much 100% secure, granted you don't go allowing the wrong scripts to run.

Evil_SpeedRacer
10-18-2008, 07:45 PM
The way I got the Zlob was from a redirect from cnn.com. I was watching videos, and one of them told me that it required an Adobe download...it was all downhill from there. It took away my Task Manager, killed the Google in my Firefox, and created an admin somehow. Originally I had just the one identity set to admin with no password, so I was like WHAT THE FUCK!!! Every time I tried to get the PC to start in safe mode, it would shut down the PC each time before I could hit enter. I was seriously going to throw this MF right out of the window like a frisbee, screw the format. I am glad that I was persistent with it though. All of this happened in Firefox, as I stay away from IE entirely. Thanks for the tip street, I will be doing just that! :)

john
10-18-2008, 10:33 PM
From cnn.com? Honestly I find that hard to believe, unless there was an injection along the way.

And with that said - 2 words. Fuck Windows.


some_hostname:/home/god> uptime
23:34:33 up 325 days, 10:12, 1 user, load average: 4.23, 4.52, 4.59

I have access to a unix machine with over 1200 days of uptime. No reboots - no issues, connected directly to the net. It's a DNS server, so it's not handling a lot of work, but it's there and it's been up for a number of YEARS.


some_hostname:/home/god> free
             total       used       free     shared    buffers     cached
Mem:       1020412     998352      22060          0      32852     357920
-/+ buffers/cache:     607580     412832
Swap:      2048276      41172    2007104


Yes - fuck Windows. Learn something new, you effin lemmings. Many Linux distros (read: Ubuntu) are freely available and 1000x more secure than Windows. Take the time to learn.

Lemmings FTMFL.

Evil_SpeedRacer
10-19-2008, 11:28 AM
I was shocked on the CNN thing too, but found later that I was redirected to a totally different address, but it looked like the proper site. At work, the same issue keeps coming up even though we don't support the PC or the OS in any way... They still call in about it. They all have confirmed the same redirect address so far, but originating from different sites. Funny thing is, the main address in the redirect is the same as the one IE will always go to until Zlob is gone as it tries to get you to DL the fake software.

How am I a lemming? I really don't have much spare time for shit, being I have 4 kids and 2 jobs. That's not cool man. I will learn Linux one of these days, but I do have priorities. I work with people who all went to college to perform the tasks and duties we face each day on the phones, and I have yet to step foot in a college myself. I am self taught, and one of the top technicians in the entire national commercial support center I am in. I agree that I need to learn, and respect what you have to say John, but I take offense to some of your words.

john
10-19-2008, 12:04 PM
The lemming comment wasn't directed at anyone specific, just the technology-using population in general. Perhaps the fact that I've been in the technology world for way too long makes me jaded, but I'm simply amazed at times by the lack of knowledge in the general population.

No offense intended, as I was just spouting off. Again.

Evil_SpeedRacer
10-19-2008, 12:45 PM
I have had an utmost respect for you for a long time John, since the CODSM days. I could be a bit less sensitive, I guess it's been one of those days for me today... Plus my tc4200 laptop is doing the stupid black screen crap to me...bad day indeed.

That being said, I am going to do some research today when I get some time and see what it takes to put Ubuntu on my laptop. Thanks John. :)

john
10-19-2008, 12:49 PM
Ubuntu is the easiest of the Linux distros. Get a current ISO from here (http://www.ubuntu.com/getubuntu). Burn it and boot it. You can run from the live CD image for a test drive.

If you have the disk space, create a new partition and install it. 10-20 gig is more than sufficient to play with. The GRUB bootloader will be installed and you'll be dual booting to your heart's content.

And I'm just a cranky old fart anyway. :)

Here's what my disk mounts look like on my lab Linux box. The /windows/* mounts are XP, Vista and Server 2k3. The 55 gig partition is where all of my virtual machines live.

http://jsalmi.com/df.html