1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

trojan infection help please

Discussion in 'Virus & Other Malware Removal' started by saidmorgan, Oct 29, 2007.

Thread Status:
Not open for further replies.
  1. saidmorgan

    saidmorgan Thread Starter

    Joined:
    Oct 29, 2007
    Messages:
    13
    am infected with win32.trojan.small how i can deal with it.

    Registry value "Start_ShowNetConn_ShouldShow" at key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\advanc ed


    Malicious software Win32.Trojan.Small is found!
    Threat type: malware
    Files associated with this software:
    recycle.htt
    printers.htt
    opera6.ini
    nethood.htt
    standard.htt
    sysconfig.exe
    classic.htt
    child.dll
    controlp.htt
    c.tmp
    $_2341235.tmp
    $_3472452.exe
    84c5fc2c.dll
    84c5fc2c.dat
    ibm00001.dll
    ibm00002.dll
    imgview.htt
    dialup.htt
    e.tmp
    d.tmp
    del.bat
    default.htt
    folder.htt
    fsresult.htt
    ftp.htt
    Registry entries associated with this software:
    clsid\{e083d552-16b3-4945-8f61-f96ed64fa86b}
    clsid\{e25c29ab-12b9-4523-a53c-324b5fba648c}
    software\intel\day
    software\intel\month
    software\microsoft\active setup\installed components\{1d58ea4c-4e6b-5b1b-4d1b-
    4b267e5b704e}
    software\microsoft\active setup\installed components\{2cf4194d-f83f-2399-31dc-
    1245bceef670}
    software\microsoft\windows nt\currentversion\image file execution options\acrord32.exe
    software\microsoft\windows nt\currentversion\image file execution options\calc.exe
    software\microsoft\windows nt\currentversion\image file execution options\cleanmgr.exe
    software\microsoft\windows nt\currentversion\image file execution options\cmd.exe
    software\microsoft\windows nt\currentversion\image file execution options\dxdiag.exe
    software\microsoft\windows nt\currentversion\image file execution options\excel.exe
    software\microsoft\windows nt\currentversion\image file execution options\far.exe
    software\microsoft\windows nt\currentversion\image file execution options\freecell.exe
    software\microsoft\windows nt\currentversion\image file execution options\hh.exe
    software\microsoft\windows nt\currentversion\image file execution options\hl.exe
    software\microsoft\windows nt\currentversion\image file execution options\hl2.exe
    software\microsoft\windows nt\currentversion\image file execution options\icqlite.exe
    software\microsoft\windows nt\currentversion\image file execution options\msaccess.exe
    software\microsoft\windows nt\currentversion\image file execution options\mshearts.exe
    software\microsoft\windows nt\currentversion\image file execution options\mspaint.exe
    software\microsoft\windows nt\currentversion\image file execution options\notepad.exe

    software\microsoft\windows nt\currentversion\image file execution options\opera.exe
    software\microsoft\windows nt\currentversion\image file execution options\photoshop.exe
    software\microsoft\windows nt\currentversion\image file execution options\powerpnt.exe
    software\microsoft\windows nt\currentversion\image file execution options\sol.exe
    software\microsoft\windows nt\currentversion\image file execution options\telnet.exe
    software\microsoft\windows nt\currentversion\image file execution options\uninstall.exe
    software\microsoft\windows nt\currentversion\image file execution options\war3.exe
    software\microsoft\windows nt\currentversion\image file execution options\winamp.exe
    software\microsoft\windows nt\currentversion\image file execution options\winampa.exe
    software\microsoft\windows nt\currentversion\image file execution options\winrar.exe
    software\microsoft\windows nt\currentversion\image file execution options\winword.exe
    software\microsoft\windows nt\currentversion\image file execution options\wmplayer.exe
    software\microsoft\windows nt\currentversion\image file execution options\wordpad.exe
    software\microsoft\windows nt\currentversion\svchost\BITS32
    software\microsoft\windows nt\currentversion\winlogon\notify\kirdam
    software\microsoft\windows nt\currentversion\winlogon\notify\microqc
    software\microsoft\windows\currentversion\_r
    software\microsoft\windows\currentversion\_r\rqbmd
    software\microsoft\windows\currentversion\_r\wlemd
    software\microsoft\windows\currentversion\explorer\advanced\Start_ShowNetCo nn_ShouldShow
    software\microsoft\windows\currentversion\explorer\sharedtaskscheduler\{4F1 41CBA-1457-
    6CCA-03A7-7AA21B61EA0F}
    software\microsoft\windows\currentversion\explorer\shellexecutehooks\{e25c2 9ab-12b9-4523-
    a53c-324b5fba648c}
    software\microsoft\windows\currentversion\explorer\userassist\{75048700-ef1f-11d0-9888-
    006097deacf9}\count\HRZR_EHACNGU:p:\Qbphzragf naq Frggvatf\IZgrfg21\Qrfxgbc\qzkfv.rkr
    software\microsoft\windows\currentversion\dmbqr.exe
    software\microsoft\windows\currentversion\dmelw.exe
    system\controlset001\enum\root\legacy_wzcsrvc
    system\controlset001\services\bits32
    system\controlset001\services\msdtcmnmsrvc
    system\controlset001\services\p435ikrd
    system\controlset001\services\windows management service
    system\controlset001\services\wzcsrvc
    system\controlset003\services\wzcsrvc
    system\currentcontrolset\enum\root\legacy_igeon.com.cn
    system\currentcontrolset\services\bits32
    system\currentcontrolset\services\igeon.com.cn
    system\currentcontrolset\services\msdtcmnmsrvc
    system\currentcontrolset\services\p435ikrd
    system\currentcontrolset\services\windows management service
    system\currentcontrolset\services\wzcsrvc
    Folders associated with this software:
    C:\WINDOWS\inetfih\
    C:\Program Files\common files\microsoft shared\msinfo\
     
  2. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/645326

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice