Computer Hope
Software => Computer viruses and spyware => Topic started by: josephstepp on May 03, 2008, 12:05:33 AM
-
I came home to work to find a slew of new icons on my desktop. It turns out my dad got on my moms computer to look up one of his biker bars he goes to, and clicked on something wrong and put a trojan on my moms computer. As if that wasnt enough, when her's kept messing up, he went to mine and did the exact same thing.
I dont know much about computers at all...But there is are several new icons on my desktop. They include:
"blackbird"
"EditorFKWP2.0"
"Filemanagerclient"
"fkwp1.5"
"fkwp2.0"
"fwebd"
"FWebdEditor" and
"Trojan.Win32.Blackbird"
There is nothing really wrong with the computer preformance wise. The only thing wrong with it is that an icon will pop up on the bar by the clock and it will be a yellow triangle with an exclamation point. If i click it it will take me to a website about antispyware. And out of no where every now and then something will pop up trying to get me to get more spyware.
How do I go about deleting this from my computer?
I have already gone into the control panel, but there is nothing there to delete. I opened up McAfee and I'm doing a scan right now, and I looked under the recent events in McAfee and I see that today. This is what I see:
"Monitors changes made to your starup registry keys and folders. Starup registery keys in the Windows registery and startup folders in the Start Menu store paths to programs on your computer. Programs listed in these locations load automatically when Windows starts. Spyware or other potentiall unwanted programs often try to load automatically when Windows starts.
Rule Type: Registry
Process: C:\ProgramData\ehuxghgl\mlahevkz.exe \S-1-5-21-1976649330-73686991-1343540341-1001\Software\Microsoft\Windows\CurrentVersion\Run\JTNFda024ZC:ProgramData\enuxghg\mlahevkz.exe"
And after that, at the exact same time it says this:
"Monitors changes made to your starup registry keys and folders. Starup registery keys in the Windows registery and startup folders in the Start Menu store paths to programs on your computer. Programs listed in these locations load automatically when Windows starts. Spyware or other potentiall unwanted programs often try to load automatically when Windows starts.
Rule Type: Registry
Process: C:Users\Chad & Joe\ AppData\Local\Temp\explorer32.exe \S-1-5-21-1976649330-736865991-1343540341-1001\ Software\Microsoft\Windows\Current Version\Run\ffuevpobC:\ProgramData\ffuevpop\ohejurqb.exe"
So being that it said something about starup, I thought I could just go in to the Control Panel, and look at the start up programs, and sure enough, theres "mlahevkz.exe" and "ohejurqb.exe"
How do I go about deleting this trojan from my computer?? PLEASE Help me!!
-
Oh and incase anybody was wondering, my OS is Windows XP and I have a Dell XPS 410.
-
Welcome to Computer Hope.
Please go HERE (http://www.computerhope.com/forum/index.php/topic,46313.0.html) and work through our standard cleaning procedures. Post the logs when complete and we will see what else needs to be done.
-
Um... I followed the link, and went to the house cleaning link, and it wants me to pay to download some kind of software?
-
Nothing we suggest you will need to pay for. It is all free.
Summary:
CCleaner (Crap Cleaner) is a freeware system optimization tool. That removes unused and temporary files from your system - allowing Windows to run faster, more efficiently and giving you more hard disk space. The best part is that it's fast! (normally taking less that a second to run) and Free. :)
-
There we go, thats all that I got from analyzing. Thats a lot of stuff. My computer is used by too many people! Sorry I had to do it in so many post. There was a lot of stuff and it wouldnt let me post it all at once.
-
I didn't need that log.
Just post the 3 logs that are called for in the instructions.
Superantispyware
MBAM
Hijackthis
-
Sorry, I'll delete all of that then. and I will post the new logs when I get them
-
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 05/03/2008 at 05:57 PM
Application Version : 4.0.1154
Core Rules Database Version : 3452
Trace Rules Database Version: 1444
Scan type : Complete Scan
Total Scan Time : 04:43:03
Memory items scanned : 951
Memory threats detected : 2
Registry items scanned : 6718
Registry threats detected : 14
File items scanned : 851832
File threats detected : 92
Trojan.Unclassified/Multi-Dropper
C:\PROGRAMDATA\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\FFUEVPOB\OHEJURQB.EXE
[ffuevpob] C:\PROGRAMDATA\FFUEVPOB\OHEJURQB.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\PROGRAMDATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\USERS\ALL USERS\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
C:\USERS\ALL USERS\FFUEVPOB\OHEJURQB.EXE
Trojan.Unclassified/Multi-Dropper (Packed)
C:\PROGRAMDATA\EHUXGHGL\MLAHEVKZ.EXE
[JTNFda024Z] C:\PROGRAMDATA\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\EHUXGHGL\MLAHEVKZ.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\PROGRAMDATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\USERS\ALL USERS\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
C:\USERS\ALL USERS\EHUXGHGL\MLAHEVKZ.EXE
Unclassified.Unknown Origin
HKLM\Software\Classes\CLSID\{0656A137-B161-CADD-9777-E37A75727E78}
HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\Classes\CLSID\{0656A137-B161-CADD-9777-E37A75727E78}
HKCR\CLSID\{0656A137-B161-CADD-9777-E37A75727E78}
Adware.Casino Games (Golden Palace Casino)
HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\Golden Palace Casino PT
Trojan.DNSChanger-Codec
HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\uninstall
Rogue.PC-Cleaner
HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\dpcproxy
HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\fwbd
HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\HolLol
HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\Inet Delivery
HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\Invictus
HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\mwc
HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#SystemCheck2
C:\Users\Chad & Joe\Desktop\virii\Trojan-Downloader.Win32.Agent.bl.exe
C:\Users\Chad & Joe\Desktop\virii\Trojan-Downloader.Win32.Agent.p.exe
C:\Users\Chad & Joe\Desktop\virii\Trojan-Downloader.Win32.Agent.r.exe
C:\Users\Chad & Joe\Desktop\virii\Trojan-Downloader.Win32.Agent.t.exe
C:\Users\Chad & Joe\Desktop\virii\Trojan-Downloader.Win32.Agent.v.exe
C:\Users\Chad & Joe\Desktop\virii
C:\Users\Chad & Joe\Desktop\blackbird.jpg
C:\Users\Chad & Joe\Desktop\EditorFKWP2.0.exe
C:\Users\Chad & Joe\Desktop\filemanagerclient.exe
C:\Users\Chad & Joe\Desktop\fkwp1.5.exe
C:\Users\Chad & Joe\Desktop\fkwp2.0.exe
C:\Users\Chad & Joe\Desktop\fwebd.exe
C:\Users\Chad & Joe\Desktop\FWebdEditor.exe
C:\Users\Chad & Joe\Desktop\Trojan.Win32.BlackBird.exe
-
If that deleted the icons on my desktop and stuff, do I still need to run the others?
-
Yes you do. The guide is made to look for and remove different threats.
Stick with me until given the all clear and we will get you cleaned up :)