Thread: Weird secretive viruses and spyware
View Single Post
Old 05-13-2007, 01:21 PM   #12 (permalink)
silversquire848
Registered User
 
Join Date: May 2007
Posts: 13
OS: XP


Re: Weird secretive viruses and spyware
One thing that I forgot to mention in my first post was that on the top of my mozilla firefox browser the two tabs that usually read "Getting Started" and "Latest Headlines" are no longer there. Since it was a minor issue I forgot to put it in but i just throught you'd like to know.

Anyway, the Sonic problem that occured when I started my computer no longer happens however, the actual SONIC CINEPLAYER program that I had doesn't work at all when I put in a dvd, so I don't really see any benefit gained.

As for the gap in my icon tray; it disappeared! It's no longer there, thanks to you. However, I will still include a screenshot (taken before i did any steps) attached to this post.

Also while running smitfruad, option number 2, the words, "Replace infected file?" never came up as you told me they would in your post, however the rapport log was still produced in the end. Just to make sure, however, I ran the smitfraud thing(option number2) again and still those words didn't come up. That's about it. here's all the stuff;


here's the rapport.txt file:


SmitFraudFix v2.181

Scan done at 12:53:30.89, Sun 05/13/07
Run from C:\Documents and Settings\smith\My Documents\Virus logs\May 2007\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{94CF50FD-37A8-4DF2-AB18-5CB620390F87}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{94CF50FD-37A8-4DF2-AB18-5CB620390F87}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{94CF50FD-37A8-4DF2-AB18-5CB620390F87}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End








The rest is attached

Thank you once again!
Attached Images
File Type: jpg Screenshot 1.JPG (125.7 KB, 4 views)
Attached Files
File Type: txt SREngLOG.txt (40.6 KB, 3 views)
silversquire848 is offline