Hi, I have a huge dilemma >:(… I decided to check the history and noticed that my teen son (yea it was him! >:() had visited quite a lot of porn sites!! After deleting history & temporary files & running a scan, I had a prompt to download “IE Antivirus” and it will not allow me to do anything unless I download the program. Actually I can log on normally until a blank page appears saying “Insecure Internet. Threat of virus attack”. It recommends me to get full advanced real-time protection and continue browsing and download the above-mentioned (IE Antivirus). Also my Windows Defender box appeared and it said the following is infected:
WIN32/IE Defender
Trojan WIN32.Net Booster 22
Spy.HTML.Paylap.bg
DR/Dldr.zlob.lbr.14
Trojan.Perfect.Keylogger
Backdoor.WIN32.IRCBot.exe
As well as that, another box appears with the following:
Stolen Block
IP Address: 203.211.68.154
Browser:Mozilla/4.0 (compatible;MSIE 7.0; Windows NT 5.1)
Operating System: Windows XP
PLEASE HELP AS THIS IS VERY FRUSTRATING!! I APPRECIATE YOUR HELP GREATLY! :)…IF YOU REQUIRE ADDITIONAL INFO LET ME KNOW…THANK YOU IN ADVANCE!!!
Your “Windows Defender” identified the malware as “Zlob” & a “Backdoor Trojan”. ALL the experienced, trained, certified, volunteer “Malware-Fighters” I know recommend reformatting, then reinstalling the operating system when infected with a “Backdoor Trojan”. Recommend you read what one of those sites says at www.geekstogo.com/2007/10/03/what-is-a-backdoor-trojan/ .
Hi :) Jtaylor83… THANKS A MILLION!! :) I followed your instructions… I downloaded Blue Collar K9 Protection and SUPERAntispyware programs… I haven’t had any problems with any pop ups etc… I hope it has fixed the problem!.. I hope! ::)… Please find the Hi-Jack Log (hope I’ve attached it right though)
Thanks
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:11:05 p.m., on 15/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
And also your Java is out of date, which can be vulnerable to more infections such as Vundo/Virtumonde. Please uninstall the old version and install the latest version here.
No reason to remove AVG-Antispyware (EWIDO) if he has a paid subscription and current definitions.
If he has the old free EWIDO version, it is out of date and should be removed.
He just should not have two (or more) antispywares in residence at the same time.
SAS may be free, but in many areas it is not in the same league with EWIDO.
Windows Defender was formerly Microsoft Anti Spyware.
From Wikipedia:
Windows Defender is based on GIANT AntiSpyware, which was originally developed by GIANT Company Software, Inc. The company’s acquisition was announced by Microsoft on December 16, 2004. While the original GIANT AntiSpyware supported older Windows versions, support for the Windows 9x line of operating systems was dropped. However, Sunbelt Software, which was originally GIANT’s partner, sells a product based on the same technology called CounterSpy
If the poster has a paid subscription to Windows Defender and current updates, he is not much different than SAS.
That said, he only needs one installed and can use the others as on-demand scanners.
He could use Spybot Search and Destroy as an on-demand scanner as long as he does not install T-Timer, etc.
Thanks to the above for your advice, greatly appreciated.
I have updated Java and software and removed AVG as it’s out of date.
But I like the K9 Protection so if my son ever wants to wander, it will block him from accessing those websites.