Malware Issues

Hello,

I have followed the procedures in the malware removal thread (http://forums.majorgeeks.com/showthread.php?t=139313) exactly and was not able to remove the malware that was originally detected by hijackthis. The Trojans that were detected are as follows

C:\WINDOWS\system32\ctfmon.exe (which is a CoolWebSearch variant)
C:\WINDOWS\system32\browseui.dll (which is the Registry key autorun for the ctfmon.exe)

I will attach all of the logs to this thread that were taken during the tutorial. Once I do this will someone please help me get rid of this nasty thing. It is really slowing my machine down.

Thanks,

Robert

 

Here is the first set of logs

 

Here is the final set of logs. If anyone can tell me how to remove this nasty trojan I will be very grateful!

Thanks,

Robert

 

First and foremost I know hijackthis just shows the running processes on the machine and most are valid entries. There is a tool that can be used to analyze hijackthis logs at the following url: http://hjt.networktechs.com/ and it attempts to tell you what are valid entries and what are not.

As far as my machine being slow, what I am referring to is not a memory issue or a resources issue. If I look at my resources when my machine is responding slowly I still have 98% of my resources in system idle processes. My machine freezes when trying to open Windows Explorer and then my whole machine locks up. Then when I try to shut the machine off, a pop-up occurs that says can not shut down please close "hidden fax window". I then have to manually shut my machine off and reboot.

As far as who put those things in a trusted zone, that would be the "geniuses" in the IT department at my office. I don't have control over most of the policies on this machine as it is a work machine. I don't have issues on my personal machines ever! I only experience these issues on machines with our corporate load of Windows XP with all the policies that they require.