Trojan W32 Looksky HELP!!

Posted 10/6/2007 2:22 PM
#54673
User avatar

triaNg3L Member

Date Joined Nov 2016
Total Posts: 1
I've infected with Trojan W32 Looksky. But after i've run the SDFix, it still not yet complete is it?
I don't know what to do, but anyway, this the report of what i got after i run the SDFix
Someone please help me!!!!

SDFix: Version 1.107

Run by triaNg3L on 10/06/2007 Sat at 09:29 AM

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\Documents and Settings\triaNg3L\Favorites\Error Cleaner.url - Deleted
C:\Documents and Settings\triaNg3L\Favorites\Privacy Protector.url - Deleted
C:\Documents and Settings\triaNg3L\Favorites\Spyware&Malware Protection.url - Deleted
C:\WINDOWS\privacy_danger\index.htm - Deleted
C:\WINDOWS\privacy_danger\images\capt.gif - Deleted
C:\WINDOWS\privacy_danger\images\danger.jpg - Deleted
C:\WINDOWS\privacy_danger\images\down.gif - Deleted
C:\WINDOWS\privacy_danger\images\spacer.gif - Deleted


Folder C:\WINDOWS\privacy_danger - Removed

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:
------------------




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Logicool\\Desktop Messenger\\8876480\\Program\\LogicoolDesktopMessenger.exe"="C:\\Program Files\\Logicool\\Desktop Messenger\\8876480\\Program\\LogicoolDesktopMessenger.exe:*:Enabled:Logicool Desktop Messenger"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\Program Files\\Logicool\\Desktop Messenger\\8876480\\Program\\LogicoolDesktopMessenger.exe"="C:\\Program Files\\Logicool\\Desktop Messenger\\8876480\\Program\\LogicoolDesktopMessenger.exe:*:Enabled:Logicool Desktop Messenger"

Remaining Files:
---------------

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:


Finished!
Posted 10/11/2007 7:22 AM
#54814
User avatar

Tina Karol Advanced member

Date Joined Nov 2016
Total Posts: 98
hi there,
this trojan is really pesky, but you can delete it using looksky removal. good luck
tc;)
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Monday, September 24, 2018, 11:48 PM (GMT +2)
There are a total of 61,678 posts in 13,587 threads.
In the last 3 days there were 0 new threads and 1 reply posts.

Who's online

This forum has 38,397 registered members. Please welcome our newest member, NeilBhisma.
There are currently no users on-line.
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.