Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Horse Downloader.generic6.ambn


  • Please log in to reply
10 replies to this topic

#1 shotgunharry1

shotgunharry1

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 06 March 2008 - 07:33 PM

hi, am new to this forum and am impressed by the quality of the replies to the posts that I have read. At the moment I am using my laptop but my problem is with my desktop pc. I am running it with win xp pro. I downloaded a file from seriall.com and AVG said that it detected a trojan (Trojan horse Downloader.Generic6.AMBN), I hit heal and it says that it has fixed the problem but my desktop has been erased, at least the access to it has been impaired and I keep getting the pctv4me start page. I went to google and got zilch and AVG talks about Trojan horse Downloader.Generic6.PFM, but the instructions weren't at all clear. Are these the same trojans? how do you remove them or the one I have in my pc?

I tried starting up in safe mode but can't get to anything. No desktop, no way to access programs that I know of. I have no way of getting to start menu. I do have access to the bios, but that is it. Please help me! Thank you very much.


{Moved to more appropriate forum~`boopme}

Edited by shotgunharry1, 06 March 2008 - 10:14 PM.


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,962 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:02:20 AM

Posted 07 March 2008 - 05:49 PM

Hello shotgunharry1 and welcome to BC :flowers:

You say that your desktop is impaired.

In normal mode, is the start menu functioning and appearing properly?

Are you able to access the run command?

Can you call up the task manager?

Are you able to connect to the internet with the computer?

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 shotgunharry1

shotgunharry1
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 09 March 2008 - 11:59 AM

hi and ty orange blossom. sry I ddn't answer b4 but was away for weekend and ddn't have acces to internet. I tried all of the options you mentioned, start, command, internet, task manager, and the only one I was able to access was the task manager. I looked at the task manager but there wasn't anything on there that I could id as malware but that might be my own ignorance. if you could help me I would be eternally grateful as I have some stuff on there that I dont want to lose. Thank you.

#4 shotgunharry1

shotgunharry1
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 09 March 2008 - 12:25 PM

hi, I wnt back to pc and was able to access command but no internet. Went tried again but could nt access command but could access task manager.

Edited by boopme, 09 March 2008 - 02:57 PM.


#5 shotgunharry1

shotgunharry1
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 09 March 2008 - 12:29 PM

seeems I can only access task man :thumbsup:

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:20 AM

Posted 09 March 2008 - 03:09 PM

Ok then from Task manager click on the process tab.
In the process tab list look for explorer.exe <<<exactly this one
Not any other Explorer.exe, eXplorer.exe, <<<these are probably malware
If you do not see it, then in the task manager, click on File along top
Click on New Task (Run...)
In the Create New Task dialogue box, type in explorer and click OK.

Once you have explorer running, see if you can run a virus scan.

Edited by boopme, 09 March 2008 - 03:12 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 shotgunharry1

shotgunharry1
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 09 March 2008 - 05:19 PM

Hi boopme, thank you for your reply. I did as you instructed and ran avg. It found 3 instances of trojandownloader. says that it healed but no way, still suffering :thumbsup:(

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:20 AM

Posted 09 March 2008 - 09:08 PM

Are you able to access the internet now from that PC?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 shotgunharry1

shotgunharry1
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 10 March 2008 - 05:06 PM

No, no internet either! :thumbsup: an using my laptop

#10 shotgunharry1

shotgunharry1
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 10 March 2008 - 05:16 PM

sorry, I put in a website and yes, I do have access to the

#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:20 AM

Posted 10 March 2008 - 07:35 PM

Ok that's good. So do these things while you can get online.
Now do an online scan of your PC from here ESET Online Scanner . Delete or Quarantine any items found. (may require a reboot)

Next go back online and download SUPERAntiSpyware
save to desktop.
If you get a desktop back after the ESET scan Then click on the SUPERAntispyware icon and proceed as listed below.
If not then use the task manger click on File along top
Click on New Task (Run...)
In the Create New Task dialogue box, type in SUPERANTISPYWARE.EXE and click OK.
If all goes well here just run it. Perform a complete scan.

IF DESKTOP IS BACK
Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users