Full Version: Activex Gave Me Trojan.zlob.m. I Have Vista. Plz Help
SirRaaB
Hello, I'm running on a Gateway laptop computer, with Intel Core Duo 2 processor, and 2GB of memory. The other day, I was trying to play a game, and because I am running on the new Windows Vista operating system, I had to download it. I downloaded it, and I began to get popups. Didn't think much of it, so I went to ActiveX in my program file, and deleted everything I could. While I could delete some things, others I could not. I pressed CTRL+ALT+DELETE, and saw that a couple of the remaining files in the folder were running in my processes, isamini.exe, and I THINK isamtr.exe or something of that sort. So I figured those were the viruses that I had been infected with. I turned my laptop off to go to sleep, and I wake up, turn it on, and I am all of a sudden being pounded with Windows error messages, saying that Windows Explorer stopped working, and then I get a popup saying that it is restarting Windows Explorer. It does this, then gives me a 2-3 second space of time with which to do something. After this time, anything that I managed to get up during that time is closed! So I talked to a couple of my internet friends who are somewhat savvy on computers, and was told to download and run AVG spyware/virus scan program. I did this, but since I was not able to run it during the normal Windows, I turned off my laptop and restarted it in safe mode. So I ran the scan, and (as I guessed) said it found nothing. I turn off my laptop, and restart it in regular Windows Vista mode, and I can't move. I can't click Start, I can't click any icons on the desktop, I can't CTRL+ALT+DELETE, I can't do anything. So a friend sent me a tutorial on how to remove Trojan.Zlob.M, which is apparently related to isamini.exe.

http://www.symantec.com/security_response/...-99&tabid=3

So I went there, and although it wasn't for Windows Vista, I thought it would work nonetheless. So I started my Windows in safe mode command, and I was able to remove:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\"user32.dll" = "%CurrentFolder%\isamntr.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\"rare" = "%CurrentFolder%\pmsnrr.exe"



But the other registries I wasn't able to remove, as I could not find them. I'm not sure if this is related to me having Vista or not. Basically I'm stuck there. I cannot get onto Vista through normal Windows, nor can I through safe mode any more. The only way I can get to my computer is through the command safe mode. Can someone please help me, I'm in dire need to figure this out, as I have a research paper due that's on my laptop. When trying to help me, keep in mind that I have Vista, and that I can only get on through the command. I cannot install any programs, or anything of that sort. Thank you so much for your responses.
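The two values quoted in the post above sit under the `policies\explorer\run` autostart key, and one of them carries a value name that imitates a system DLL. As an added example (not part of the original post and not a Lavasoft or Symantec tool), the script below reviews saved `reg query` output for that pattern; the `C:\Example` path is a constructed stand-in for the advisory's `%CurrentFolder%` placeholder, and the function names are hypothetical.

```python
import re
from ntpath import basename  # Windows path rules, works on any OS

# Constructed sample of `reg query` output. Value names and file names are the
# ones quoted in the thread; C:\Example is a made-up folder (assumption).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run
    user32.dll    REG_SZ    C:\Example\isamntr.exe
    rare    REG_SZ    C:\Example\pmsnrr.exe
"""

# reg.exe separates name, type and data with four spaces; names may contain spaces.
VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
BINARY_EXT = (".dll", ".exe", ".sys")

def parse_reg_query(text):
    """Yield (key, value_name, data) for every value line under each key header."""
    key = None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
        elif key and (m := VALUE_LINE.match(line)):
            yield key, m["name"], m["data"].strip()

def target_name(data):
    """File name the value launches; a quoted path wins over trailing arguments."""
    path = data.split('"')[1] if data.startswith('"') else data
    return basename(path).lower()

def review_run_values(text):
    """Return values that deserve a manual look, with the reason for each."""
    findings = []
    for key, name, data in parse_reg_query(text):
        target, reasons = target_name(data), []
        if key.lower().endswith(r"\policies\explorer\run"):
            reasons.append("autostart set under Policies\\Explorer\\Run")
        if name.lower().endswith(BINARY_EXT) and name.lower() != target:
            reasons.append(f"value name '{name}' imitates a file but launches '{target}'")
        if reasons:
            findings.append({"name": name, "target": target, "reasons": reasons})
    return findings

if __name__ == "__main__":
    for f in review_run_values(SAMPLE):
        print(f"{f['name']} -> {f['target']}: " + "; ".join(f["reasons"]))
```
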
HJThis
Hello, SirRaaB & Welcome

Please download Ad-Aware SE Personal and install it. If you already have Ad-Aware SE, please configure it as indicated below. If you have a previous version of Ad-Aware, please uninstall your current version and install the newest version SE 1.06.

1) Run Ad-Aware, and click Check for updates now.

2) Select Configurations (click the Gear wheel at the top) as follows:
  • General Button > Safety & Settings: Check (Green) all three.
  • Tweak Button > Cleaning Engine > UNcheck "Always try to unload modules before deletion".
Click Proceed.

3) To start the scan, Click > "Scan Now" at left
  • Deselect "Search for negligible risk entries" as negligible risk entries (MRU's) are not considered to be a threat.
  • Select "Search for low-risk threats"
  • Select "Perform full system scan"
  • Click Next
4) When the scan has completed, select Next.
  • In the Scanning Results window, select the "Critical Objects" tab.
  • Right-click on the screen and choose "Select all objects"
  • Click Next to remove the infections found, and click OK to the prompt.
  • Restart the computer.

-------------------------

When the scan has completed, click "Show Logfile". Copy/paste the complete log file in a thread of your own. Do not quarantine or remove anything at this time, just post a complete logfile. This sometimes takes 2-3 posts to get it all posted. You will know you are at the end when you see the "Summary of this scan" information has been posted.

------------------------

Please go to this site here and download the HijackThis Executable
http://www.trendsecure.com/portal/en-US/th...hijackthis.php#

NOTE: This is in beta version

Also

System requirements:

Operating System:


* Microsoft™ Windows™ XP

* Microsoft™ Windows™ 2000


*May require Visual Basic Runtime Libraries available from Microsoft here


Software:

* Microsoft™ Internet Explorer 7.0

* Microsoft™ Internet Explorer 6.0

* Mozilla™ Firefox™ 1.5 or higher

------------------

And make sure to unzip it to a permanent folder. Then please run HijackThis, click Scan and Save log, and post the new log here. Don't install to the Temp folder.

Gogo
SirRaaB
I would try this, but I can only get on my computer through the "safe mode with command prompt", and I don't think I can access the internet through that, let alone install the program. Can you give some kind of manual instructions to delete the isamini.exe/Trojan.Zlob.M files through the command prompt? That is the ONLY way I can get onto my computer and do something.
Ai_Tak
Can you list the folders in your program files directory? (if you find the one with activex just mention the exact name of it)