Trojan SwfDL.A... HELP! :) (RESOLVED)

  1. 19-08-2006  #1
    kostakio
    kostakio is offline Newbie

    Trojan SwfDL.A... HELP! :) (RESOLVED)

    Before I begin, please note that I am not too computer savvy and aplogize in advance for my lack of knowledge so please bear with me. Now, when running a BitDefender scan I receive the following report:


    //-----------------------------------------------------------------
    //
    // Product: BitDefender 9 Professional Plus
    // Version: 9.5
    //
    // Created on: 19/08/2006 12:08:17
    //
    //-----------------------------------------------------------------


    Virus Statistics

    Scan path : A:\
    C:\
    D:\
    C:\Documents and Settings\Constantine\My Documents
    C:\Documents and Settings\Constantine\Desktop\My Music
    Folders : 2119
    Files : 163170
    Archives : 1000
    Packed files : 6457
    Identified viruses : 1
    Infected files : 1
    Warnings : 0
    Suspect files : 0
    Disinfected files : 0
    Deleted files : 0
    Copied files : 0
    Moved files : 0
    Renamed files : 0
    I/O errors : 33
    Scan time : 00:36:23
    Scan speed (files/sec) : 74

    Spyware Statistics

    Memory processes scanned : 14
    Memory processes infected : 0
    Registry keys scanned : 1608
    Registry keys infected : 0
    Cookies scanned : 0
    Cookies infected : 0
    Spyware files infected : 0
    Spyware threats detected : 0


    Virus definitions : 480382
    Scan plugins : 15
    Archive plugins : 42
    Unpack plugins : 5
    Mail plugins : 6
    System plugins : 5

    Virus scan options

    Detection
    [X] Scan boot sectors
    [X] Scan archives
    [X] Scan packed files
    [X] Scan email

    File mask
    [ ] Programs
    [X] All files
    [ ] User defined extensions:
    [ ] Exclude extensions: ;

    Action

    Infected objects
    [ ] Ignore
    [X] Disinfect
    [ ] Delete
    [ ] Copy to quarantine
    [ ] Move to quarantine
    [ ] Rename
    [ ] Prompt user

    Second action
    [ ] Ignore
    [ ] Delete
    [ ] Copy to quarantine
    [X] Move to quarantine
    [ ] Rename
    [ ] Prompt user

    Virus scan options
    [X] Enable warnings
    [X] Enable heuristics
    [ ] Show all files in log
    [X] Report file: C:\Program Files\Softwin\BitDefender9\Logs\vscan_1156003697.l og

    Spyware scan options

    [X] Memory Processes
    [X] Registry keys
    [X] Cookies


    Summary:

    C:\Documents and Settings\Carolina\Local Settings\Temporary Internet Files\Content.IE5\Q1QAKEYB\ad-sp2-fastclick[1].swf=>[SWF command] Infected: Trojan.SwfDL.A
    C:\Documents and Settings\Carolina\Local Settings\Temporary Internet Files\Content.IE5\Q1QAKEYB\ad-sp2-fastclick[1].swf=>[SWF command] Disinfection failed
    C:\Documents and Settings\Carolina\Local Settings\Temporary Internet Files\Content.IE5\Q1QAKEYB\ad-sp2-fastclick[1].swf=>[SWF command] Move failed




    ANY assitance would be GREATLY appreciated. Thanks in advance, folks.
  2. 20-08-2006  #2
    VopThis
    VopThis is offline Senior Member (Canada)
    The item found by Bitdefender is sitting in a TEMPORARY file. Such files need to be cleaned out from time-to-time to to avoid leaving behind any potential doggy items. Another scan tool might not be a bad idea, as well.


    [need XP or similarly compatible OS]
    Download and install Ewido anti-spyware 4.0 (uninstall any previous version first).
    • Click the Download BUTTON. On the next page click the Download now BUTTON.
    • Save and then install (Run) from the save location.
    • Open/Run ewido anti-spyware
    • Wait a few moments and Ewido should Auto update itself (note date of last update). If it doesn't update, click the update ICON at top of screen:

    • Click on the Update now LINK at the top of the window
      • Click on the Start update button
      • Wait for the update to download and install
  3. This is very important to get the LATEST updates
  4. Click on the Status ICON
    • Under "Your computers Security"
      Click change status on Resident shield to inactive (ONLY consider activation of that feature once you are clean)
  5. Click on the Scanner ICON at the top of the window
  6. Click on the Settings tab then select Recommended Actions and choose Quarantine
  7. When updating has finished. Close Ewido.



    8. We will be using this tool in a later step.




    Reboot your computer in Safe Mode.
    • If the computer is running, shut down Windows, and then turn off the power.
    • Wait 30 seconds, and then turn the computer on.
    • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
    • Ensure that the Safe Mode option is selected.
    • Press Enter. The computer then begins to start in Safe mode.
    • Login on your usual account.
    ______________________________

    Clean out your Temporary Internet files. Proceed like this:
    • Quit Internet Explorer and quit any instances of Windows Explorer.
    • Click Start, click Control Panel, and then double-click Internet Options.
    • On the General tab, click Delete Files under Temporary Internet Files.
    • In the Delete Files dialog box, tick the Delete all offline content check box , and then click OK.
    • On the General tab, click Delete Cookies under Temporary Internet Files, and then click OK.
    • Click on the Programs tab then click the Reset Web Settings button. Click Apply then OK.
    • Click OK.
    Next Click Start, click Control Panel and then double-click Display. Click on the Desktop tab, then click the Customize Desktop button. Click on the Web tab. Under Web Pages you should see a checked entry called Security info or something similar. If it is there, select that entry and click the Delete button. Click Ok then Apply and Ok.

    Empty the Recycle Bin by right-clicking the Recycle Bin icon on your Desktop, and then clicking Empty Recycle Bin.


    ______________________________

    Close ALL open Windows / Programs / Folders. Please start Ewido, and run a full scan:
    • Click on the default Status ICON and select the Scan now LINK.

      OR

    • Click on the Scanner ICON . Select the Scan TAB.

      • Select Complete System Scan. Ewido will now begin to scan your system.

    • If Ewido finds anything it will list them in the Preview WINDOW:
      • Make sure that Set all elements to: shows Quarantine, if not click on the link and choose Quarantine from the popup menu.
      • Select Apply all actions at the bottom of the window (and the items found will be quarantined – and recoverable, if any items are needed back).

    • When the scan has completed, click on the Save Scan Report button and save the scan to your Desktop where it can be easily found.
    • Copy and paste the EWIDO scan results into your next post.
    • Close Ewido and REBOOT.



    POST A HIJACKTHIS LOG for review:
    Seek guidance here, if needed:
    http://www.d-a-l.com/help/showthread.php?t=32403

    Reboot and post a HijackThis log with any feedback as appropriate (from above scans) - how things are now behaving: any new or remaining apparent issues.
  • 20-08-2006  #3
    kostakio
    kostakio is offline Newbie
    Save 20% on AVG Internet Security 2012 Suite!
    Thanks a lot, it's gone! It doesn't show up anymore at all. It used to show up in every scan! You're incredible!
    • + Reply to Thread
    « Back for More: HJT Log | cannot view video (either saved or streaming)(RESOLVED) »

    Similar Threads