
AVG Reporting Trojan, can't remove it


1 reply to this topic

#1 johngeetar


Posted 14 August 2010 - 03:11 PM

AVG is reporting that I have a "Trojan Horse Generic18.bmme" but it says that the "object is inaccessible". There are several instances of the trojan listed in AVG, and it says they are in my System Restore. I have turned off System Restore, which I believe deleted the restore points. I contracted the trojan when I downloaded the "John the Ripper" password cracker. Immediately AVG recognized it as a virus, but the forum members on a site advised me that it was a false positive. The symptoms have been that Firefox has been hijacked, but Google Chrome seems to work just fine. Every once in a while an Internet Explorer pop-up will come up with an advertisement. I have downloaded the tools MBRCheck, RKUnhookerLE, dds, and defogger but have not yet used them. Any help would be appreciated; let me know what logs you need. Thanks in advance!



#2 Orange Blossom


Posted 14 August 2010 - 06:33 PM

Hello,

Please turn system restore back on. Disabling System Restore as the first step when attempting to clean a system or when scanning for malware is not advisable. Unfortunately, some anti-virus vendors still recommend doing this before attempting malware removal and many folks follow that advice. This is really not a good practice when dealing with infected computer systems. Turning System Restore off and then turning it back on has some risk associated with it since that feature does not always work as intended. Further, there is always a possibility of something going wrong during the malware removal process and you end up with more problems. If an incident renders your system problematic or unbootable, you can use System Restore to return it to a previous working state. Without a restore point to fall back on, you are left with a limited means of restoring your system to a usable condition. An infected restore point is better than no restore point at all. Disabling this feature could mean having to perform a repair install (or reformat in worst case scenarios) if you're unable to fix any problems which System Restore may be able to correct. Although System Restore is not always 100% guaranteed to work all the time, it at least gives you another option before resorting to more drastic measures.

"System Restore and malware removal - what is best practice?"
"Should I purge all my restore point BEFORE removing infection?"

I would not trust that site you were on that said AVG was giving you a false positive.

Sites that provide password crackers, keygens, etc. are prime vectors for very bad infections. You don't even need to download anything to get infected; just visiting the site can cause an infection. Further, using password crackers, keygens, etc. violates license agreements and is therefore illegal. If you haven't removed that password cracker, please do so now.

That said, please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Orange Blossom




