Jump to content

Archived

This topic is now archived and is closed to further replies.

jackpot316

Trojan found by 3 diff scanners need help removing

Recommended Posts

When I use Malwarebytes to remove It takes something out of windows because I get a bluescreen and then I have to do a system repair using my windows xp disc it takes hours to get it back But the trojan are still there I need help on how to remove them without damaging the windows files ?Malwarebytes Anti-Malware 1.70.0.1100www.malwarebytes.orgDatabase version: v2013.01.19.01Windows XP Service Pack 3 x86 NTFSInternet Explorer 8.0.6001.18702Administrator :: DEAN-426571A0EA [limited]1/19/2013 11:08:53 AMMBAM-log-2013-01-19 (11-52-50).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 274267Time elapsed: 7 minute(s), 52 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 10HKCRTelevisionFanatic.SkinLauncher (PUP.MyWebSearch) -> No action taken.HKCRTelevisionFanatic.SkinLauncher.1 (PUP.MyWebSearch) -> No action taken.HKCRTelevisionFanatic.SkinLauncherSettings (PUP.MyWebSearch) -> No action taken.HKCRTelevisionFanatic.SkinLauncherSettings.1 (PUP.MyWebSearch) -> No action taken.HKCUSoftwareGoogleChromeExtensionsbbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> No action taken.HKCUSoftwareGoogleChromeExtensionscjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> No action taken.HKLMSOFTWAREGoogleChromeExtensionsbbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> No action taken.HKLMSOFTWAREGoogleChromeExtensionscjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> No action [email protected]/Plugin (PUP.MyWebSearch) -> No action taken.HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallfunmoods (PUP.FunMoods) -> No action taken.Registry Values Detected: 1HKLMSOFTWAREMozillaFirefoxExtensions|[email protected] (PUP.MyWebSearch) -> Data: C:Program FilesTelevisionFanaticbar1.bin -> No action taken.Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 3C:Program FilesFunmoods (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22 (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22bh (PUP.FunMoods) -> No action taken.Files Detected: 4C:Program FilesFunmoods1.5.23.22escortShld.dll (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22FavIcon.ico (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22Sqlite3.dll (PUP.FunMoods) -> No action taken.C:Program FilesFunmoods1.5.23.22uninstall.exe (PUP.FunMoods) -> No action taken.(end)

Share this post


Link to post
Share on other sites

Alrighty then...Download DDS and save it to your desktop. Disable any script blocking protection (How to Disable your Security Programs)
Vista/Win7 right click on the DDS icon and select "Run as Administrator" to run the tool (may take up to 3 minutes to run). XP just double click the icon to run the tool.
When done, DDS.txt will open.
After a few moments, attach.txt will open in a second window.
Save both reports to your desktop.
Please copy/paste the contents of the DDS.txt and Attach.txt logs in a new thread that you start here > http://forums.pcpitstop.com/index.php?/forum/25-have-i-been-hijacked/

 

 

 

 

:geezer:

Share this post


Link to post
Share on other sites

×
×
  • Create New...