Winlogonhook

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by SpywareNazi, Sep 30, 2007.

  1. SpywareNazi

    SpywareNazi Private E-2

    hi,, i followed the instructions on how to remove it but it keeps coming back and i don't know what to do!

    but i know where the source of the problem is but don't know how to find it.
    "HKLM\Software\microsoft\mssmgr\"

    so if anyone can help me fix it or tell me how to find the HKLM thanks.
    -------------------------------------------------------------------------------------------------------------------
    9:34 PM: Removal process completed. Elapsed time 00:00:00
    9:34 PM: Quarantining All Traces: trojan agent winlogonhook
    9:34 PM: Removal process initiated
    9:33 PM: Traces Found: 1
    9:33 PM: Full Sweep has completed. Elapsed time 00:36:34
    9:33 PM: Warning: Failed to access drive F:
    9:33 PM: Warning: Failed to access drive E:
    9:33 PM: File Sweep Complete, Elapsed Time: 00:33:39
    9:00 PM: Starting File Sweep
    9:00 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
    9:00 PM: Starting Cookie Sweep
    9:00 PM: Registry Sweep Complete, Elapsed Time:00:00:20
    9:00 PM: HKLM\software\microsoft\mssmgr\ (ID = 1776755)
    9:00 PM: Found Trojan Horse: trojan agent winlogonhook
    8:59 PM: Starting Registry Sweep
    8:59 PM: Memory Sweep Complete, Elapsed Time: 00:02:31
    8:57 PM: Starting Memory Sweep
    8:57 PM: Sweep initiated using definitions version 999
    8:57 PM: Spy Sweeper 5.0.5.1286 started
    8:57 PM: | Start of Session, September 29, 2007 |
    ********
    8:57 PM: | End of Session, September 29, 2007 |
    Keylogger Shield: On
    BHO Shield: On
    IE Security Shield: On
    Alternate Data Stream (ADS) Execution Shield: On
    Startup Shield: On
    Common Ad Sites Shield: Off
    Hosts File Shield: On
    Spy Communication Shield: On
    ActiveX Shield: On
    Windows Messenger Service Shield: On
    IE Favorites Shield: On
    Spy Installation Shield: On
    Memory Shield: On
    IE Hijack Shield: On
    IE Tracking Cookies Shield: Off
    8:55 PM: Shield States
    8:55 PM: Spyware Definitions: 999
    8:55 PM: Spy Sweeper 5.0.5.1286 started
    8:39 PM: | End of Session, September 29, 2007
     

    Attached Files:

    SpywareNazi, Sep 30, 2007
    #1
  2. abri

    abri MajorGeek

    Hi SpywareNazi!
    Welcome to Major Geeks!

    Please run the following scan and then follow the instructions in the box below. After you've finished the Combofix scan and the others which follow, please post the logs to us.

    Run this utility:
    After you've run Combofix, please follow the instructions and links in the box below!

    abri
     
    abri, Sep 30, 2007
    #2
  3. SpywareNazi

    SpywareNazi Private E-2

    ok, i have a problem with my lab right now so it will take sometime to post up a report.
     
    SpywareNazi, Sep 30, 2007
    #3
  4. abri

    abri MajorGeek

    no problem! It won't run away. :)
     
    abri, Sep 30, 2007
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds