Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Torjan Horse Generic8.qjz


  • Please log in to reply
5 replies to this topic

#1 papajun

papajun

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 22 October 2007 - 06:34 AM

Need help. I'm using Windows XP SP2 with AVG Antivirus free edition. AVG always detect a Trojan Horse Generic8.QJZ. I tried healing the trojan but it keeps on coming back. So I have to heal again whenever AVG detects its presence. I tried searching for some cure but all I can find are cure for Trojan Horse Generic8.LDI .DDH .ECK .JWD. How can I completely remove the generic8.QJZ trojan? Thanks

Edited by rigel, 22 October 2007 - 06:46 AM.
~Moved to a more appropriate forum ~ rigel


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:04 AM

Posted 22 October 2007 - 08:13 AM

Where did AVG say the trojan is located?

Install Super Antispyware free. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

How to Start Windows in Safe Mode:
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 papajun

papajun
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 26 October 2007 - 04:53 AM

AVG says that the trojan horse is in C:\Program Files\SearchBar\Search.dll. I tried clicking the uninstall file in the same SearchBar folder but the computer keeps on creating the same folder everytime I open Yahoo Messenger and some other programs. I also did try deleting the folder SearchBar and its contents but still the folder is created when opening YM.

#4 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:04 AM

Posted 26 October 2007 - 06:17 AM

See if the WhenU search bar is in the Add/Remove program. There may also be a "WhenU SaveNow" listing in the Add/Remove program. If those listings are there, attempt an uninstall while in safe mode.
Did you use the programs I suggested? What were the results?
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 papajun

papajun
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 17 November 2007 - 10:02 PM

I found the solution myself. I uninstall/install the Yahoo Messenger then I deleted Au_.exe and Bu_.exe files and the warning didn't show up again.

#6 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:04 AM

Posted 17 November 2007 - 10:49 PM

Au_.exe and Bu_.exe files are used by Spy Falcon.
It seems you had more than one infection.
Did you run the programs I suggested?

See if you have Spyfalcon.exe in your program files.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users