Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Downloader.generic6.ambn


  • Please log in to reply
5 replies to this topic

#1 Roelio

Roelio

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 10 March 2008 - 07:02 PM

Hello,
my AVG detected a downloader trojan: downloader.Generic6.ambn. I healed it and later I moved it to the vault but it keeps coming back. How do I get rid of it ??
Thx for the help

Windows XP sp2

BC AdBot (Login to Remove)

 


#2 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:13 AM

Posted 10 March 2008 - 07:08 PM

Please follow the instructions here for SDfix:
http://www.bleepingcomputer.com/forums/t/131299/how-to-use-sdfix/

Then post the log back in your next post.

#3 Roelio

Roelio
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 10 March 2008 - 07:35 PM

I tried rebooting in safe mode but I can't. When I click to log in to windows it says : loading personal settings... then a few seconds later : saving personal settings and I can't do anything. I tried restarting in regular mode but it won't work either.
(now I'm on my portable)
Is there a solution or do I have to re-install windows ?
Thx !!

#4 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:13 AM

Posted 10 March 2008 - 07:39 PM

Do you have any restore points to go back to? If so try those first.

Regardeless, please give the name and location of the file that AVG found. We can then proceed to looking the the registry for where it is reloaded from.

EDIT: uh what do you know? another topic with the exact same infection here
http://www.bleepingcomputer.com/forums/t/134925/trojan-horse-downloadergeneric6ambn/

I would suggest using the superantispyware in your case too.

Edited by PropagandaPanda, 10 March 2008 - 07:42 PM.


#5 Roelio

Roelio
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 10 March 2008 - 07:50 PM

Every time I acces Safe Mode or Regular Mode and I click on my Icon (or the administrator in Safe mode), it loads my personal settings and then it goes back to the Windows login screen. I can't acces Windows anymore. Is there a way to copy my mailfolder before I format ? Thx !!

Edited by Roelio, 11 March 2008 - 03:58 PM.


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,119 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:13 AM

Posted 16 March 2008 - 07:57 AM

If you cannot boot up in Normal or Safe mode, you may be able to use a Windows XP bootable Floppy Disk to boot from a diskette instead of your hard drive. If your hard drive's boot sector or Windows' basic boot files have been corrupted, this disk will circumvent the problem and boot you into Windows. If you don't have an emergency boot floppy, you may be able to use one created on another PC running Windows XP but there's no guarantee that it will boot your machine.

"Resolving Boot Issues with a Boot Floppy Disk".
"How to obtain Windows XP Setup boot disks" and select the download that's appropriate for your Operating System. The Setup boot disks are available so that you can run the Setup program on computers that cannot use a bootable CD-ROM.

Another option is to create a Bootable CD:
Bart's way to create bootable CD-Roms
Hiren's BootCD
Ultimate Boot CD
EzReload Bootable CD
Windows and DOS Boot Disks
How to write a CD/DVD image or ISO
Creating A Windows XP Recovery Console CD Image

You can try doing a "Repair Install with Recovery Console". The Recovery Console is a Windows utility that provides a DOS-like command line from which you can run some repair programs. If you have a Microsoft Windows CD-ROM, you can get to the Recovery Console by booting from that CD and pressing any key when you told to 'Press any key to boot from CD'. At the 'Welcome to Setup' screen, press r for Repair.

"Langa Letter: XP's No-Reformat, Nondestructive Total-Rebuild Option"
"How to install and use the Windows XP Recovery Console".
"How to recover from a corrupted registry that prevents Windows XP from starting".

If you don't have your XP CD you can download an ISO of the Recovery Console files:
NTFS4FreeDos ISO
Recovery Console ISO file
XP Recovery Console zip file.

Burn it as an image to a disk to get a bootable CD which will startup the Recovery Console for troubleshooting and fixing purposes. This is especially useful for those with OEM systems with factory restore partitions or disks but no original installation CD. If you are not sure how to burn an image, please read How to write a CD/DVD image or ISO.

Note: You should know that some types of malware can result in a system so badly damaged that a Repair Install will NOT help!. Reinstalling Windows without first wiping the entire hard drive with a repartition and/or format will not remove the infection. The reinstall will only overwrite the Windows files. Any malware on the system will still be there afterwards. Starting over, reformatting the drive and performing a clean install of the OS removes everything and is the safest action.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users