Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hi Jack This Computer


  • This topic is locked This topic is locked
1 reply to this topic

#1 daringmoves

daringmoves

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:17 PM

Posted 23 November 2006 - 02:26 PM

I want to say Happy Thanksgiving. I Please review details below. Please followed the instuction and this what I got. Should I have selected yes or no for system restore in XP safe mode?

SmitFraudFix v2.123

Scan done at 11:09:33.21, Thu 11/23/2006
Run from C:\Documents and Settings\Dennis Rankin\Desktop\SmitFraudFIX Extracted Files
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in safe mode

Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

Killing process


Generic Renos Fix

GenericRenosFix by S!Ri


Deleting infected files

C:\Program Files\QualityCodec\ Deleted

Deleting Temp Files


Registry Cleaning

Registry Cleaning done.

After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


End

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 1:36:23 PM 11/23/2006

+ Scan result:



C:\System Volume Information\_restore{99F8CD48-907E-4F42-BB48-1B6B1178B747}\RP4\A0000217.exe -> Downloader.Zlob.agu : Cleaned.
C:\System Volume Information\_restore{99F8CD48-907E-4F42-BB48-1B6B1178B747}\RP4\A0000216.exe -> Downloader.Zlob.aos : Cleaned.
C:\System Volume Information\_restore{99F8CD48-907E-4F42-BB48-1B6B1178B747}\RP4\A0000215.exe -> Downloader.Zlob.aox : Cleaned.
C:\System Volume Information\_restore{99F8CD48-907E-4F42-BB48-1B6B1178B747}\RP5\A0001270.exe -> Downloader.Zlob.asl : Cleaned.
C:\System Volume Information\_restore{99F8CD48-907E-4F42-BB48-1B6B1178B747}\RP5\A0001308.exe -> Downloader.Zlob.asl : Cleaned.
C:\System Volume Information\_restore{99F8CD48-907E-4F42-BB48-1B6B1178B747}\RP4\A0000198.dll -> Downloader.Zlob.aue : Cleaned.
C:\System Volume Information\_restore{99F8CD48-907E-4F42-BB48-1B6B1178B747}\RP4\A0000214.dll -> Downloader.Zlob.awn : Cleaned.
C:\System Volume Information\_restore{99F8CD48-907E-4F42-BB48-1B6B1178B747}\RP5\A0001305.exe -> Downloader.Zlob.awo : Cleaned.
C:\Documents and Settings\Debra Morrishow\Cookies\debra morrishow@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
I:\Debra Morrishow\Cookies\debra morrishow@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Debra Morrishow\Cookies\debra morrishow@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
I:\Debra Morrishow\Cookies\debra morrishow@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Debra Morrishow\Cookies\debra morrishow@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Debra Morrishow\Cookies\debra morrishow@sec1.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
I:\Debra Morrishow\Cookies\debra morrishow@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
I:\Debra Morrishow\Cookies\debra morrishow@sec1.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Debra Morrishow\Cookies\debra morrishow@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
I:\Debra Morrishow\Cookies\debra morrishow@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Program Files\Trillian\patch.exe -> Trojan.Delf.li : Cleaned.
C:\router\Trillian_Pro.zip/patch.exe -> Trojan.Delf.li : Cleaned.


::Report end

I don't know what this is. Help !

Daringmoves

BC AdBot (Login to Remove)

 


#2 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:09:17 PM

Posted 23 November 2006 - 02:36 PM

Being helped here

http://www.bleepingcomputer.com/forums/t/72867/infected-with-trojan-malware/

Closing
"Nothing could be finer than to be in South Carolina ............"

Member ASAP




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users