Trojan Invaders? (Malware Logs)

Discussion in 'Malware Help (A Specialist Will Reply)' started by dravingr, Apr 17, 2007.

  1. dravingr

    dravingr Private E-2

    Hi all - thanks for the walkthrough on malware removal! I've followed every step of the "Malware Removal Guide", and I'm including the logs hoping someone here can help me..

    My IE browser stopped allowing me to change my homepage, which tipped me off that something was wrong. However, it's not stuck on a malware site but my old Yahoo homepage (http://www.geocities.com/dravingr/Ryan.html).

    In running the various recommended programs, the biggest thing I noted was several "trojan" infections. :(

    Also, Panda ActiveScan was unable to complete the scan! I've run it several times, both in normal and in safe with networking mode, and it automatically closes itself, leaving my computer with no programs running and no warnings or errors, as if I hadn't started running it in the first place. I noted on one of these truncated Panda scans that it shut down near scanning the system file ntldr or ntldr.srm, located in the root folder of my C: drive. ntldr was created 4 years ago and last modified 3 years ago, while ntldr.srm was created and last modified 2 years ago. Not sure if that's relevant to my situation.

    Can anyone help me clean house? Attaching all 5 of my log files - of course without the non-existent Panda scan and with CounterSpy instead of AVG. Thank you!
     

    Attached Files:

  2. dravingr

    dravingr Private E-2

    Here are the other two log files for my malware issue...
     

    Attached Files:

  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Your problem does not appear to be malware related. I would guess that you are blocking the change in your protection software (like Symantec for one). First uninstall CounterSpy since we are finished with it and also since it could also block changes unless you tell it not to. Then check your settings in Symantec to make sure that it is not locking your home page.

    I do have to ask what the below huge files are that are wasting over 4 GB of your hard disk space:
    Code:
    "C:\"
    19.tmp        Apr 16 2007   518763008  "19.tmp"
    2c4.tmp       Mar 19 2007   518754816  "2C4.tmp"
    3c0.tmp       Mar 19 2007   518754816  "3C0.tmp"
    4ba.tmp       Mar 19 2007   518754816  "4BA.tmp"
    6d2.tmp       Apr 16 2007   518763008  "6D2.tmp"
    6df.tmp       Apr 16 2007   518754816  "6DF.tmp"
    9dd.tmp       Mar 19 2007   518754816  "9DD.tmp"
    ffc.tmp       Mar 19 2007   518754816  "FFC.tmp"
    You can also delete the below files found by BitDefender. One of them should have been removed already if you followed the instructions in step 0 of the READ ME to empty quarantine folders.
    F:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\1154657343jtun_nav2k6en60803017.m25.full.zip
    F:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6E7E3A2B.zip
     
