Jump to content

Change Mode

Trojan found by 3 diff scanners need help removing


Recommended Posts

When I use Malwarebytes to remove It takes something out of windows because I get a bluescreen and then I have to do a system repair using my windows xp disc it takes hours to get it back But the trojan are still there I need help on how to remove them without damaging the windows files ?Malwarebytes Anti-Malware version: v2013.01.19.01Windows XP Service Pack 3 x86 NTFSInternet Explorer 8.0.6001.18702Administrator :: DEAN-426571A0EA [limited]1/19/2013 11:08:53 AMMBAM-log-2013-01-19 (11-52-50).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 274267Time elapsed: 7 minute(s), 52 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 10HKCRTelevisionFanatic.SkinLauncher (PUP.MyWebSearch) -> No action taken.HKCRTelevisionFanatic.SkinLauncher.1 (PUP.MyWebSearch) -> No action taken.HKCRTelevisionFanatic.SkinLauncherSettings (PUP.MyWebSearch) -> No action taken.HKCRTelevisionFanatic.SkinLauncherSettings.1 (PUP.MyWebSearch) -> No action taken.HKCUSoftwareGoogleChromeExtensionsbbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> No action taken.HKCUSoftwareGoogleChromeExtensionscjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> No action taken.HKLMSOFTWAREGoogleChromeExtensionsbbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> No action taken.HKLMSOFTWAREGoogleChromeExtensionscjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> No action [email protected]/Plugin (PUP.MyWebSearch) -> No action taken.HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallfunmoods (PUP.FunMoods) -> No action taken.Registry Values Detected: 1HKLMSOFTWAREMozillaFirefoxExtensions|[email protected] (PUP.MyWebSearch) -> Data: C:Program FilesTelevisionFanaticbar1.bin -> No action taken.Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 3C:Program FilesFunmoods (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22 (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22bh (PUP.FunMoods) -> No action taken.Files Detected: 4C:Program FilesFunmoods1.5.23.22escortShld.dll (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22FavIcon.ico (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22Sqlite3.dll (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22uninstall.exe (PUP.FunMoods) -> No action taken.(end)

Link to post
Share on other sites

Alrighty then...Download DDS and save it to your desktop. Disable any script blocking protection (How to Disable your Security Programs)
Vista/Win7 right click on the DDS icon and select "Run as Administrator" to run the tool (may take up to 3 minutes to run). XP just double click the icon to run the tool.
When done, DDS.txt will open.
After a few moments, attach.txt will open in a second window.
Save both reports to your desktop.
Please copy/paste the contents of the DDS.txt and Attach.txt logs in a new thread that you start here > http://forums.pcpitstop.com/index.php?/forum/25-have-i-been-hijacked/






Link to post
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...