Blog Somebody

If you get this trojan virus, you will notice a small yellow triangle that says System Alert! Your computer is infected. windows has detected a spyware infection. Of course these are not authentic messages coming from windows. They are caused by Spyware or Malware trojan virus called Smitfraud. I think the one I got is called Troj.vlob.an

This virus is so evil that it will disable your task manager, change you wallpaper and send you lots of popup to advertise fake anti-spyware programs. Do not click on these ads or you will keep getting more spyware, trojans and virus. It will eventually slow down your pc so much that you will have to call me.  

Yesterday I went to repair another computer for a customer and she had this bad virus. She had the same type of Zlog trojan that I also wrote about last week. That time I decided to reinstall windows, but this time since I had read some articles about it, so I went prepared with a few tools to clean it. First I had the smitfraudfix.exe and I also had a fixtaskmanger.exe as well as a few other basic antispyware and antivirus programs. I thought that the smitfraudfix.exe would be the perfect tool. I went ahead and ran it in safe mode and let it do its things. But even after it was finished and rebooted, this virus kept reappearing. I also noticed that the task manager was still disabled. So now I ran the other tools. I ran the task manager fix tool and it did get me back the access to the taskmanager. I continued to clean using some original methods of regedit and msconfig. This PC had Windows XP home edition. I found a few entries for rundll followed by the name of some strange dlls. So I deleted these from the startup paths and also from the registry Hkey local machine, software, microsoft, windows, run key etc.

I also booted back into safe mode and deleted the strange dll’s which I know are the virus files. But I noticed that even in safe mode, I was still getting the highjacked wall paper and the little yellow triangle that this Zlob trojan causes. it looks like this is a new variant that not even smitfraudfix.exe can get rid off. I also ran Adaware, Spybot and trojanhunter. None of these programs could kill this virus. I was ready to reinstall windows. But I decided to try one more tool. I downloaded a SuperAntiSpyware free version and I tried that too. This program which I once I thought was spyware actually helped clean up many more adware, trojans and spyware programs. It only left the fake wallpaper and I removed that, but I still have a feeling that this virus is still hiding somewhere else.But where can it be hiding? I think it has somehow infected the files that windows uses to display the active wallpaper. I will have to go back this evening and this time I will have to try a self booting antivirus program and see if it find the effected files. If anybody who reads this post knows a better way I will be glad to here from you. I may even offer you a small reward!

I know that I will see this virus again. Next time I want to be even better prepared for it. Please post any helpful comments below. Thanks in advance.

BTW I just found a few more tools and will bring them to the PC tonight:

SmitRemove and Rouge remover. I also will run ccleaner and install the latest antivirus version as I can find.

I guess I am not the only person that recently got my hands on a Toshiba notebook Satellite A135-SP 4796 and I also immediately ran into problems with it and its Spanish version of Windows Vista.

This laptop was purchased by a friend of mine and since I am at IT pro, I decided to fix it up for her. The laptop must have been build for sale South America, maybe Argentina or Uruguay. I see many posts in spanish and they are from those domains. So I guess this Laptop is not made in the US.  But I had no idea how this was going to become a nightmare.  So far I have spent 10 hours looking for drivers.

What had happened was the following: The laptop had Spanish Vista and the wireless was not working so my friend asked me to fix it. So since I am not a fan of Vista or any new OS that are resourse hogs and also it was a Home edition. So I pulled out my windows XP CD and started to run setup. I have found that Windows XP still works much better that Windows Vista, unless you have installed lots of Memory and a Super CPU. But this Laptop does not have that. I do not know why Miscrosoft and Toshiba insists on forcing people to use Windows Vista that was preinstalled. With Vista it took this machine about 5 minutes to boot up, and it would take ages to just open any explorer window.

This Laptop was obviously not designed for windows Vista! but Toshiba is probably afraid of messing with the Big “M” Microsoft tm.  

So now that I had re formatted the hard drive for XP I ran into a new problem and that is that there were no drivers to be found. Windows XP only installed a few basic drivers, but it left the Wireless Card, VGA and Ethernet card without a driver.

So as usual, I searched the web for the missing XP drivers and that is when I found out that Toshiba only has Vista drivers and furthermore, as I searched the web, many users are complaining about the same thing. Now it was too late to tell my friend to take back this piece of junk and return it to whoever sold it to her.. But I wish i would have done so. Now I spent many hours researching the web and found very few links that showed XP drivers for Toshiba.

But we want to have XP drivers.  So I had to keep searching little by little until I found some of them.

I also learned from some forums, that if you call Toshiba, they will tell you that they will not support XP and hang up. I am not sure if that is true, but who knows!

But the drivers are out there and after many long hours I did find them.

I found the wireless driver  on the Aleros web site. In my case it was Atheros AR2425

DOWNLOAD ATHEROS DRIVER HERE:

They have an XP driver!!! So why doesn’t Toshiba? Well I guess I know which brand I will

not buy the next time I am shopping!

I also found a driver pack for a simular model: a135-s2276 and after I unzipped this file I found the video driver and a few others.  Please note that the video driver was actually located in one of the mobile intel(r) 945GM chipset subfolders, so you will have to search one by one until windows XP accepts it!

The video driver works fine and in Device manager it will show Mobile Intel(r) 945 GM Express Chipset 2 times.

Now I am working on the Audio.  I do not see a yellow exclamation in device manager, but if I go into Control Panel Sounds, excery option is greyed out. If anybody has had success, please let me know. 

DOWNLOAD Other Toshiba A135 Drivers here: