trojan and some spyware probs

Discussion in 'Malware Help (A Specialist Will Reply)' started by racer86, Jun 29, 2006.

  1. racer86

    racer86 Private E-2

    I seem to have a problem with trojans and some spyware. A certain trojan I have is trojan.downloader.small.cml, which I can't get rid of and gives me more trojans periodically. I also have 2nd-thought.com trojans which I can't get rid of either. I have gone through the read and run me steps already and still have these problems. Thank you for your time.
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    Actually your logs are pretty clean. You just have some remnants of an infection remaining. But before we get to that, I have a couple questions.

    Is your copy of Ewido a free trial version or a paid version?
    Is your copy of SpywareDoctor a free trial version or a paid version?


    Make sure viewing of hidden files is enabled (per the tutorial).

    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
    O20 - Winlogon Notify: winzzc32 - winzzc32.dll (file missing)

    After clicking Fix, exit HJT.
    Boot into safe mode and use Windows Explorer to delete:
    C:\windows\system32\winzzc32.dll <--- I don't expect you to find this but we need to check

    Now if running Win XP go to c:\windows\Prefetch and delete all files in this folder.
    Now run Ccleaner (installed while running the READ ME FIRST).

    Now reboot in normal mode and post a new HJT log.

    Make sure you tell me how things are working now.

    Reminder Note: Once we have determined you are malware free you will need to disable System Restore, reboot, and re-enable System Restore per step 1 of the READ & RUN ME. This only applies if using WinXP or WinMe.
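
Added example, not part of the original thread or any MajorGeeks tool: a small Python parser that picks out HijackThis entries marked "(file missing)", like the O9 and O20 lines selected in the post above. The last two sample lines and all function and field names are constructed for illustration.

```python
import re

# The first two lines are quoted from the post above; the last two are
# constructed here as healthy entries for contrast.
SAMPLE_LOG = r"""
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O20 - Winlogon Notify: winzzc32 - winzzc32.dll (file missing)
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\Example\tray.exe
O20 - Winlogon Notify: examplenotify - C:\WINDOWS\system32\examplenotify.dll
"""

# "<section> - <kind>: <rest>"; only the first colon separates kind from rest,
# so drive letters such as "C:" stay inside <rest>.
LINE_RE = re.compile(r"^(O\d+) - ([^:]+): (.*)$")
MISSING = "(file missing)"


def orphaned_entries(log_text):
    """Return HijackThis entries whose target file no longer exists."""
    found = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or MISSING not in m.group(3):
            continue
        section, kind, rest = m.groups()
        # The target is the last " - " field, minus the marker and any
        # trailing hive tag such as "(HKCU)".
        target = rest.split(" - ")[-1].split(MISSING)[0].strip()
        found.append({
            "section": section,
            "kind": kind,
            "target": target,
            # No directory in the entry: the file has to be looked for by
            # name, as the post does under C:\windows\system32.
            "bare_name": "\\" not in target and "/" not in target,
        })
    return found


if __name__ == "__main__":
    for entry in orphaned_entries(SAMPLE_LOG):
        print(entry["section"], entry["kind"], "->", entry["target"])
```
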
     
  3. racer86

    racer86 Private E-2

    Everything seems to be working fine. I haven't gotten any random trojans from the trojan.downloader.small.cml. My comp seems to be running slow but that may be because I have too much stuff on my desktop. To answer your questions, I have the free version of Ewido and a paid version of SpywareDoctor.
     
    Last edited: Jun 29, 2006
  4. racer86

    racer86 Private E-2

    I had trouble with the HijackThis logs because I was uploading a log with the same name as the previous log and there were uploading errors, and I ran outta editing time before I realized it, so I'm going to attach the new log.
     


  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay then since Spyware Doctor is a paid version, you need to Uninstall Ewido and also uninstall Windows Defender. This will also help speed things up.

    Your log is clean. If you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

    After that, you should work thru the below link:

    How to Protect yourself from malware!
     
