i did scan with malware bytes free version.
i got following.
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\WINDOWS\system32\termsrv.dll (Trojan.Downloader) -> No action taken.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\termservice (Trojan.Downloader) -> No action taken.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\sri user\Application Data\Microsoft\svchost.exe (Backdoor.Gbot) -> No action taken.
C:\WINDOWS\system32\termsrv.dll (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\sri user\Local Settings\Temp\0.9803419823262692.exe (Backdoor.Gbot) -> No action taken.
C:\Documents and Settings\sri user\Application Data\Microsoft\stor.cfg (Malware.Trace) -> No action taken.
i am scared to delete termsrv.dll.
and also any comments on the other malware results would be really helpful.
thank you
