hijackthis.log 15K
249 downloads
Attached Files
-
hijackthis.log.log 15K
134 downloads
Problems With Generic 4 Trojan
Started by
Benderus
, Jun 03 2007 02:08 PM
3 replies to this topic
#1
Benderus
-
- Members
-
- 1 posts
Newbie
Posted 03 June 2007 - 02:08 PM
Hi! My avg comes up with generic 4 trojan but I can't seem to remove it!!! I scanned with adware se and also with spybot-search & destroy but generic 4 is still in my pc. Can you help me with my hijackthis log, please? Here it is:
hijackthis.log 15K
249 downloads
hijackthis.log 15K
249 downloads
#2
jurgenv
-
- Volunteer Security Advisor
-
- 2462 posts
Advanced Member
Posted 04 June 2007 - 08:19 PM
Go to http://www.bleepingc....php?channel=13 and enter the following:
Link to topic where this file was requested: http://www.lavasofts...?showtopic=9378
Browse to the file you want to submit: C:\Programmi\Toolbar\like_googlenew1.1a.dll
Leave any comments, further information about this file, or contact information: CLSID Toolbar: 25F97EB4-1C02-45BA-BA0C-E67AACE64D4A
BHO: 1D09A743-00ED-4713-BCC4-32D590D1087A
After that, clck on 'Send'.
Finally, post a new fresh hijackthis log here as your next answer. (Please not as an attachement.)
Link to topic where this file was requested: http://www.lavasofts...?showtopic=9378
Browse to the file you want to submit: C:\Programmi\Toolbar\like_googlenew1.1a.dll
Leave any comments, further information about this file, or contact information: CLSID Toolbar: 25F97EB4-1C02-45BA-BA0C-E67AACE64D4A
BHO: 1D09A743-00ED-4713-BCC4-32D590D1087A
After that, clck on 'Send'.
Finally, post a new fresh hijackthis log here as your next answer. (Please not as an attachement.)
Greets Jurgenv.
#3
TonyKlein
-
- Volunteer Security Advisor
-
- 17 posts
Member
Posted 06 June 2007 - 08:08 PM
Thank you for uploading the file; however, unfortunately it was not the one requested.
You uploaded a TFRC.tmp file, which is indeed malware (Trojan.Win32.Agent.ahp), but the one we'd like to have a look at was C:\Programmi\Toolbar\like_googlenew1.1a.dll
Could I please ask you to find and upload that one as well?
Thanks a lot for your cooperation!
You uploaded a TFRC.tmp file, which is indeed malware (Trojan.Win32.Agent.ahp), but the one we'd like to have a look at was C:\Programmi\Toolbar\like_googlenew1.1a.dll
Could I please ask you to find and upload that one as well?
Thanks a lot for your cooperation!
#4
TonyKlein
-
- Volunteer Security Advisor
-
- 17 posts
Member
Posted 10 June 2007 - 06:58 AM
This time you picked the right one, but unfortunately it was a 0 byte file, which usually means your antivirus may be blocking it, or the file may be in use by another application.
Let's try it this way:
Please download Killbox.
Click killbox.exe.
Select the option "Delete on reboot".
Click the button: Single File (!important!)
Next, copy the following bold line:
C:\Programmi\Toolbar\like_googlenew1.1a.dll
Open 'file' in the killboxmenu on top and choose Paste from clipboard
Then press the button that looks like a red circle with a white X in it.
Killbox will tell you that all listed files will be removed on next reboot and asks if you would like to Reboot now, click YES
If you don't get that message, reboot manually.
Your computer should reboot now. The file in question will have been moved into a newly created folder called C:\!Killbox
Once it has rebooted, go back to http://www.bleepingc....php?channel=13 , browse to that C:\!Killbox folder , Highlight that folder, then press "Send File', in order to submit it.
Much appreciated! :)i
Let's try it this way:
Please download Killbox.
Click killbox.exe.
Select the option "Delete on reboot".
Click the button: Single File (!important!)
Next, copy the following bold line:
C:\Programmi\Toolbar\like_googlenew1.1a.dll
Open 'file' in the killboxmenu on top and choose Paste from clipboard
Then press the button that looks like a red circle with a white X in it.
Killbox will tell you that all listed files will be removed on next reboot and asks if you would like to Reboot now, click YES
If you don't get that message, reboot manually.
Your computer should reboot now. The file in question will have been moved into a newly created folder called C:\!Killbox
Once it has rebooted, go back to http://www.bleepingc....php?channel=13 , browse to that C:\!Killbox folder , Highlight that folder, then press "Send File', in order to submit it.
Much appreciated! :)i
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
