Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

« previous next »
Pages: [1]   Go Down

Author Topic: Trojan Help  (Read 4751 times)

0 Members and 1 Guest are viewing this topic.

josephstepp

    Topic Starter


    Greenhorn

    Trojan Help
    « on: May 03, 2008, 12:05:33 AM »
    I came home to work to find a slew of new icons on my desktop. It turns out my dad got on my moms computer to look up one of his biker bars he goes to, and clicked on something wrong and put a trojan on my moms computer. As if that wasnt enough, when her's kept messing up, he went to mine and did the exact same thing.

    I dont know much about computers at all...But there is are several new icons on my desktop. They include:

    "blackbird"
    "EditorFKWP2.0"
    "Filemanagerclient"
    "fkwp1.5"
    "fkwp2.0"
    "fwebd"
    "FWebdEditor"   and
    "Trojan.Win32.Blackbird"

    There is nothing really wrong with the computer preformance wise. The only thing wrong with it is that an icon will pop up on the bar by the clock and it will be a yellow triangle with an exclamation point. If i click it it will take me to a website about antispyware. And out of no where every now and then something will pop up trying to get me to get more spyware.

    How do I go about deleting this from my computer?

    I have already gone into the control panel, but there is nothing there to delete. I opened up McAfee and I'm doing a scan right now, and I looked under the recent events in McAfee and I see that today. This is what I see:

    "Monitors changes made to your starup registry keys and folders. Starup registery keys in the Windows registery and startup folders in the Start Menu store paths to programs on your computer. Programs listed in these locations load automatically when Windows starts. Spyware or other potentiall unwanted programs often try to load automatically when Windows starts.

    Rule Type: Registry

    Process: C:\ProgramData\ehuxghgl\mlahevkz.exe \S-1-5-21-1976649330-73686991-1343540341-1001\Software\Microsoft\Windows\CurrentVersion\Run\JTNFda024ZC:ProgramData\enuxghg\mlahevkz.exe"

    And after that, at the exact same time it says this:

    "Monitors changes made to your starup registry keys and folders. Starup registery keys in the Windows registery and startup folders in the Start Menu store paths to programs on your computer. Programs listed in these locations load automatically when Windows starts. Spyware or other potentiall unwanted programs often try to load automatically when Windows starts.

    Rule Type: Registry

    Process: C:Users\Chad & Joe\ AppData\Local\Temp\explorer32.exe \S-1-5-21-1976649330-736865991-1343540341-1001\ Software\Microsoft\Windows\Current Version\Run\ffuevpobC:\ProgramData\ffuevpop\ohejurqb.exe"


    So being that it said something about starup, I thought I could just go in to the Control Panel, and look at the start up programs, and sure enough, theres "mlahevkz.exe" and "ohejurqb.exe"

    How do I go about deleting this trojan from my computer?? PLEASE Help me!!
    Logged

    josephstepp

      Topic Starter


      Greenhorn

      Re: Trojan Help
      « Reply #1 on: May 03, 2008, 12:08:09 AM »
      Oh and incase anybody was wondering, my OS is Windows XP and I have a Dell XPS 410.
      Logged

      evilfantasy

      • Malware Removal Specialist
      • Moderator


        • Genius
      • Calm like a bomb
        • Thanked: 493
      • Experience: Experienced
      • OS: Windows 11
      Re: Trojan Help
      « Reply #2 on: May 03, 2008, 12:26:27 AM »
      Welcome to Computer Hope.

      Please go HERE and work through our standard cleaning procedures. Post the logs when complete and we will see what else needs to be done.
      Logged

      josephstepp

        Topic Starter


        Greenhorn

        Re: Trojan Help
        « Reply #3 on: May 03, 2008, 09:05:47 AM »
        Um... I followed the link, and went to the house cleaning link, and it wants me to pay to download some kind of software?
        Logged

        evilfantasy

        • Malware Removal Specialist
        • Moderator


          • Genius
        • Calm like a bomb
          • Thanked: 493
        • Experience: Experienced
        • OS: Windows 11
        Re: Trojan Help
        « Reply #4 on: May 03, 2008, 09:14:06 AM »
        Nothing we suggest you will need to pay for. It is all free.

        Summary:
        CCleaner (Crap Cleaner) is a freeware system optimization tool. That removes unused and temporary files from your system - allowing Windows to run faster, more efficiently and giving you more hard disk space. The best part is that it's fast! (normally taking less that a second to run) and Free. :)
        Logged

        josephstepp

          Topic Starter


          Greenhorn

          Re: Trojan Help
          « Reply #5 on: May 03, 2008, 10:59:48 AM »
          There we go, thats all that I got from analyzing. Thats a lot of stuff. My computer is used by too many people! Sorry I had to do it in so many post. There was a lot of stuff and it wouldnt let me post it all at once.
          Logged

          evilfantasy

          • Malware Removal Specialist
          • Moderator


            • Genius
          • Calm like a bomb
            • Thanked: 493
          • Experience: Experienced
          • OS: Windows 11
          Re: Trojan Help
          « Reply #6 on: May 03, 2008, 11:11:07 AM »
          I didn't need that log.

          Just post the 3 logs that are called for in the instructions.

          Superantispyware
          MBAM
          Hijackthis
          Logged

          josephstepp

            Topic Starter


            Greenhorn

            Re: Trojan Help
            « Reply #7 on: May 03, 2008, 11:17:04 AM »
            Sorry, I'll delete all of that then. and I will post the new logs when I get them
            Logged

            josephstepp

              Topic Starter


              Greenhorn

              Re: Trojan Help
              « Reply #8 on: May 03, 2008, 09:46:12 PM »
              SUPERAntiSpyware Scan Log
              http://www.superantispyware.com

              Generated 05/03/2008 at 05:57 PM

              Application Version : 4.0.1154

              Core Rules Database Version : 3452
              Trace Rules Database Version: 1444

              Scan type       : Complete Scan
              Total Scan Time : 04:43:03

              Memory items scanned      : 951
              Memory threats detected   : 2
              Registry items scanned    : 6718
              Registry threats detected : 14
              File items scanned        : 851832
              File threats detected     : 92

              Trojan.Unclassified/Multi-Dropper
                 C:\PROGRAMDATA\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\FFUEVPOB\OHEJURQB.EXE
                 [ffuevpob] C:\PROGRAMDATA\FFUEVPOB\OHEJURQB.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\FFUEVPOB\OHEJURQB.EXE
                 C:\USERS\ALL USERS\FFUEVPOB\OHEJURQB.EXE

              Trojan.Unclassified/Multi-Dropper (Packed)
                 C:\PROGRAMDATA\EHUXGHGL\MLAHEVKZ.EXE
                 [JTNFda024Z] C:\PROGRAMDATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\DOCUMENTS AND SETTINGS\ALL USERS\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\PROGRAMDATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\USERS\ALL USERS\APPLICATION DATA\EHUXGHGL\MLAHEVKZ.EXE
                 C:\USERS\ALL USERS\EHUXGHGL\MLAHEVKZ.EXE

              Unclassified.Unknown Origin
                 HKLM\Software\Classes\CLSID\{0656A137-B161-CADD-9777-E37A75727E78}
                 HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\Classes\CLSID\{0656A137-B161-CADD-9777-E37A75727E78}
                 HKCR\CLSID\{0656A137-B161-CADD-9777-E37A75727E78}

              Adware.Casino Games (Golden Palace Casino)
                 HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\Golden Palace Casino PT

              Trojan.DNSChanger-Codec
                 HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\uninstall

              Rogue.PC-Cleaner
                 HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\dpcproxy
                 HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\fwbd
                 HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\HolLol
                 HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\Inet Delivery
                 HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\Invictus
                 HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\mwc
                 HKU\S-1-5-21-1976649330-736865991-1343540341-1001\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#SystemCheck2
                 C:\Users\Chad & Joe\Desktop\virii\Trojan-Downloader.Win32.Agent.bl.exe
                 C:\Users\Chad & Joe\Desktop\virii\Trojan-Downloader.Win32.Agent.p.exe
                 C:\Users\Chad & Joe\Desktop\virii\Trojan-Downloader.Win32.Agent.r.exe
                 C:\Users\Chad & Joe\Desktop\virii\Trojan-Downloader.Win32.Agent.t.exe
                 C:\Users\Chad & Joe\Desktop\virii\Trojan-Downloader.Win32.Agent.v.exe
                 C:\Users\Chad & Joe\Desktop\virii
                 C:\Users\Chad & Joe\Desktop\blackbird.jpg
                 C:\Users\Chad & Joe\Desktop\EditorFKWP2.0.exe
                 C:\Users\Chad & Joe\Desktop\filemanagerclient.exe
                 C:\Users\Chad & Joe\Desktop\fkwp1.5.exe
                 C:\Users\Chad & Joe\Desktop\fkwp2.0.exe
                 C:\Users\Chad & Joe\Desktop\fwebd.exe
                 C:\Users\Chad & Joe\Desktop\FWebdEditor.exe
                 C:\Users\Chad & Joe\Desktop\Trojan.Win32.BlackBird.exe
              Logged

              josephstepp

                Topic Starter


                Greenhorn

                Re: Trojan Help
                « Reply #9 on: May 03, 2008, 09:47:24 PM »
                If that deleted the icons on my desktop and stuff, do I still need to run the others?
                Logged

                evilfantasy

                • Malware Removal Specialist
                • Moderator


                  • Genius
                • Calm like a bomb
                  • Thanked: 493
                • Experience: Experienced
                • OS: Windows 11
                Re: Trojan Help
                « Reply #10 on: May 03, 2008, 09:59:33 PM »
                Yes you do. The guide is made to look for and remove different threats.

                Stick with me until given the all clear and we will get you cleaned up :)
                Logged
                Pages: [1]   Go Up
                « previous next »