Help Please, Trojan Virus infection

Discussion in 'Malware Help (A Specialist Will Reply)' started by Adamcomputing, Sep 11, 2006.

  1. Adamcomputing

    Adamcomputing Private E-2

    Hello

    I have an Intel Pentium M processor with 1.6GHz and 480MB of RAM. I run Windows XP Home Edition and have an 80HD

    I have read and run all preliminary checks listed on the following page

    C:\Documents and Settings\Adam Ross\My Documents\My Shit\READ & RUN ME FIRST Before Asking for Support - MajorGeeks Support Forums.mht

    Running these diagnostic tests has not shown much, other than that Panda ActiveScan found a Spyware:Cookie/Tribalfusion and infected registry entries detected: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer ForceActiveDesktopOn

    Which I have now removed... My CPU is still running very, very slow and I'm unsure what to do.

    I also ran SpywareDr and the program informed me of a Virtumonde virus, however I cannot find this with Winfixer....



    Please help
     

    Attached Files:

  2. Adamcomputing

    Adamcomputing Private E-2

    more attachments
     

    Attached Files:

  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    Based on your logs, you do not have any malware problems. You just have too many things running.

    You have Symantec and AVG. You need to uninstall the last service from Symantec.
    You have CounterSpy, Ewido, SPYWAREfighter installed. If they are free versions, you should uninstall all of these, especially SPYWAREfighter, which in all likelihood is probably a rogue tool.

    Then you can use HJT to fix the below non-malware items that you don't need to load.

    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    You also made the below statement:
    Winfixer is Virtumonde. DO NOT USE Winfixer.
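
An added example, not part of the original thread or of any HijackThis tooling: a small parser for the O2 (Browser Helper Object) and O4 (Run key) lines quoted in the reply above, which flags a BHO whose file is missing and separates machine-wide from per-user autostarts. The function names and the unquoted-path heuristic are assumptions made for this illustration.

```python
import re

# Constructed sample: the five HijackThis entries quoted in the reply above.
SAMPLE = r'''
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
'''

# O2 = Browser Helper Object: display name, CLSID, DLL path (or "(no file)").
BHO = re.compile(r'^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.*)$')
# O4 = autostart entry: registry hive, key, value name in brackets, command line.
RUN = re.compile(r'^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]+)\] (?P<cmd>.*)$')

def split_command(cmd):
    """Split a Run value into (executable path, arguments)."""
    if cmd.startswith('"'):
        path, _, args = cmd[1:].partition('"')
        return path, args.strip()
    # Unquoted value: assume the path ends at the first ".exe" (a heuristic).
    m = re.match(r'(.*?\.exe)\s*(.*)$', cmd, re.IGNORECASE)
    return (m.group(1), m.group(2)) if m else (cmd, '')

def parse_hjt(text):
    """Return one dict per recognised O2/O4 line; other lines are skipped."""
    entries = []
    for line in map(str.strip, text.splitlines()):
        if m := BHO.match(line):
            entries.append({'section': 'O2', 'name': m['name'], 'clsid': m['clsid'],
                            'path': m['file'], 'orphaned': m['file'] == '(no file)'})
        elif m := RUN.match(line):
            path, args = split_command(m['cmd'])
            entries.append({'section': 'O4', 'name': m['name'], 'path': path, 'args': args,
                            'scope': 'all users' if m['hive'] == 'HKLM' else 'current user'})
    return entries

if __name__ == '__main__':
    for e in parse_hjt(SAMPLE):
        note = 'orphaned BHO' if e.get('orphaned') else e.get('scope', '')
        print(f"{e['section']}  {e['name']:<16} {e['path']}  [{note}]")
```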
     
  4. Adamcomputing

    Adamcomputing Private E-2

    Thank you for your time I will begin all actions you advised and send a new reply when finished.

    Thanks again :)
     
  5. Adamcomputing

    Adamcomputing Private E-2

    :)

    Thanks for your help. The CPU speed is idling correctly now and everything seems to be back to "normal".

    Thanks again

    I have attached my new HijackThis log file
     

    Attached Files:

  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  7. Adamcomputing

    Adamcomputing Private E-2

    I will take all the steps advised...

    thanks again
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely.
     
