jackpot316 Posted January 19, 2013 Share Posted January 19, 2013 When I use Malwarebytes to remove It takes something out of windows because I get a bluescreen and then I have to do a system repair using my windows xp disc it takes hours to get it back But the trojan are still there I need help on how to remove them without damaging the windows files ?Malwarebytes Anti-Malware 1.70.0.1100www.malwarebytes.orgDatabase version: v2013.01.19.01Windows XP Service Pack 3 x86 NTFSInternet Explorer 8.0.6001.18702Administrator :: DEAN-426571A0EA [limited]1/19/2013 11:08:53 AMMBAM-log-2013-01-19 (11-52-50).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 274267Time elapsed: 7 minute(s), 52 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 10HKCRTelevisionFanatic.SkinLauncher (PUP.MyWebSearch) -> No action taken.HKCRTelevisionFanatic.SkinLauncher.1 (PUP.MyWebSearch) -> No action taken.HKCRTelevisionFanatic.SkinLauncherSettings (PUP.MyWebSearch) -> No action taken.HKCRTelevisionFanatic.SkinLauncherSettings.1 (PUP.MyWebSearch) -> No action taken.HKCUSoftwareGoogleChromeExtensionsbbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> No action taken.HKCUSoftwareGoogleChromeExtensionscjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> No action taken.HKLMSOFTWAREGoogleChromeExtensionsbbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> No action taken.HKLMSOFTWAREGoogleChromeExtensionscjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> No action [email protected]/Plugin (PUP.MyWebSearch) -> No action taken.HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallfunmoods (PUP.FunMoods) -> No action taken.Registry Values Detected: 1HKLMSOFTWAREMozillaFirefoxExtensions|[email protected] (PUP.MyWebSearch) -> Data: C:Program FilesTelevisionFanaticbar1.bin -> No action taken.Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 3C:Program FilesFunmoods (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22 (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22bh (PUP.FunMoods) -> No action taken.Files Detected: 4C:Program FilesFunmoods1.5.23.22escortShld.dll (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22FavIcon.ico (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22Sqlite3.dll (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22uninstall.exe (PUP.FunMoods) -> No action taken.(end) Link to post Share on other sites
caintry_boy Posted January 19, 2013 Share Posted January 19, 2013 Alrighty then...Download DDS and save it to your desktop. Disable any script blocking protection (How to Disable your Security Programs)Vista/Win7 right click on the DDS icon and select "Run as Administrator" to run the tool (may take up to 3 minutes to run). XP just double click the icon to run the tool.When done, DDS.txt will open.After a few moments, attach.txt will open in a second window.Save both reports to your desktop.Please copy/paste the contents of the DDS.txt and Attach.txt logs in a new thread that you start here > http://forums.pcpitstop.com/index.php?/forum/25-have-i-been-hijacked/ Link to post Share on other sites
Recommended Posts
Archived
This topic is now archived and is closed to further replies.