Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trojan SpyBurner SPM/L4 Need help on removal!

Started by ejan443 , Mar 07 2008 02:51 PM

  • Please log in to reply

#1
ejan443
Posted 07 March 2008 - 02:51 PM

ejan443

    New Member

  • Member
  • Pip
  • 1 posts
I have Windows Defender, Windows Live One Care, and since this trojan decided to infect my computer, I bought TrojanPro and have Spybot. None of it is working to get rid of this trojan! Please help. I even downloaded SmitFix and this is what I have:

SmitFraudFix v2.300

Scan done at 14:29:55.83, Fri 03/07/2008
Run from C:\Users\Janel\Desktop\SmitfraudFix
OS: Microsoft Windows [Version 6.0.6000] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost
::1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{41C14802-0146-48BD-A2F5-F6B8B5984DAE}: DhcpNameServer=66.255.85.8 66.255.85.9 199.72.1.1 207.59.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6A89AC60-AF0A-42F2-B91B-37B9B126CDA8}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{9E9AD759-FAEF-48D5-9E87-A6D381CF5216}: DhcpNameServer=65.32.5.74 65.32.5.75
HKLM\SYSTEM\CCS\Services\Tcpip\..\{9EA9D0F8-1B67-4439-AE36-9AA3BAC02DD1}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{E4D687C4-370D-4FB1-B6E5-29B97850FBE7}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{41C14802-0146-48BD-A2F5-F6B8B5984DAE}: DhcpNameServer=66.255.85.8 66.255.85.9 199.72.1.1 207.59.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{9EA9D0F8-1B67-4439-AE36-9AA3BAC02DD1}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{E4D687C4-370D-4FB1-B6E5-29B97850FBE7}: DhcpNameServer=65.32.5.74 65.32.5.75
HKLM\SYSTEM\CS2\Services\Tcpip\..\{41C14802-0146-48BD-A2F5-F6B8B5984DAE}: DhcpNameServer=66.255.85.8 66.255.85.9 199.72.1.1 207.59.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6A89AC60-AF0A-42F2-B91B-37B9B126CDA8}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{9E9AD759-FAEF-48D5-9E87-A6D381CF5216}: DhcpNameServer=65.32.5.74 65.32.5.75
HKLM\SYSTEM\CS2\Services\Tcpip\..\{9EA9D0F8-1B67-4439-AE36-9AA3BAC02DD1}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{E4D687C4-370D-4FB1-B6E5-29B97850FBE7}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{41C14802-0146-48BD-A2F5-F6B8B5984DAE}: DhcpNameServer=66.255.85.8 66.255.85.9 199.72.1.1 207.59.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6A89AC60-AF0A-42F2-B91B-37B9B126CDA8}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{9E9AD759-FAEF-48D5-9E87-A6D381CF5216}: DhcpNameServer=65.32.5.74 65.32.5.75
HKLM\SYSTEM\CS3\Services\Tcpip\..\{9EA9D0F8-1B67-4439-AE36-9AA3BAC02DD1}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{E4D687C4-370D-4FB1-B6E5-29B97850FBE7}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=65.32.5.74 65.32.5.75
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End

How can I get rid of this annoying little bug??? A popup keeps telling me my computer is affected and my desktop background now has a message warning instead of my pic that I had on there.
  • 0

Advertisements

#2
hfcg
Posted 07 March 2008 - 03:05 PM

hfcg

    The hippie freak computer geek

  • Member
  • PipPipPipPipPip
  • 2,496 posts
Hello, and welcome to Geeks To Go.
I suggest you go to the Malware Forum and run all the steps located in the START HERE. These self-help tools will help you clean up 70% of problems on your own. If you are still having problems after doing the steps, then please post a HiJackThis Log in THAT forum. If you are unable to run and/or post a HJT log, then post that in your initial post in the topic you create in that forum.
If you are still having problems after being given a clean bill of health from the malware expert, then please return to THIS thread and we will pursue other options to help you solve your current problem(s).
  • 0
Back to Windows Vista and Windows 7 · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Windows Vista and Windows 7

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP