Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Infected With Some Real Beauties

  • Please log in to reply
1 reply to this topic

#1 monkeyman


  • Members
  • 1 posts
  • Local time:11:48 AM

Posted 31 August 2006 - 04:04 PM


Need some help from the wisemen, my system has 4 lovely hanger-on's. There not welcome but there outstaying their welcome.

They are


ibm00001.exe These 3 live here C:\ProgramFiles/Common Files/Microsoft Shared/Web Folders

these last 3 are Trojan.anserin according to Norton

I've ran norton, cwshredder and various other programs but i just can't shift em

can someone please help me out here

many thanks

BC AdBot (Login to Remove)


#2 Starbuck


    'r Brudiwr

  • Malware Response Team
  • 4,150 posts
  • Gender:Male
  • Location:Midlands, UK
  • Local time:11:48 AM

Posted 31 August 2006 - 05:41 PM

Hi monkeyman
see here for more info....
TheMatrixHasYou.exe........... read This

as for the others... they are linked:
Troj/Delf-LJ is a password stealing Trojan for the Windows platform.

When Troj/Delf-LJ is installed the following files are created:

\Microsoft Shared\Web Folders\ibm00001.dll
\Microsoft Shared\Web Folders\ibm00001.exe
\Microsoft Shared\Web Folders\ibm00002.dll

This being the case... i would advise you to post a Hjt log and let the experts help you with this.
If you need a help on posting a Hjt log.... click Here
It may take a while to get a response because the HJT Team members are very busy. Please be patient as they are volunteers who will help you out as soon as possible. Once you have made your post, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have no replies as this makes it easier for them to identify those who have not been helped. If you post another response, a team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

After posting a log you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files on your own, etc.) unless advised by a HJT Team member. Doing so can result in system changes which may not show in the log you already posted. Further, any modification you make may complicate the malware removal process and could adversely affect your system.

Edited by Starbuck, 31 August 2006 - 05:42 PM.


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users