Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

trojan horse PSW.Generic7.ATPX


  • Please log in to reply
1 reply to this topic

#1 gauravjeet

gauravjeet

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:08 PM

Posted 24 November 2009 - 04:08 AM

Hi,

Believe my computer is infected with the trojan horse PSW.Generic7.ATPX and finding it impossible to get rid of.

Some applications like emule, malwarebytes, etc. open and then close after a few seconds. In addition, AVG is unable to update virus definitions stating that access to the server is forbidden.

Ran the combofix software which seemed to fix the problem temporarily, however after a few days the same problem resurfaced.

Updated AVG aftr a combofix scan and ran a system scan which detects a trojan horse PSW.Generic7.ATPX in the file named odujr.dat located in the Temp folder in Local Settings. AVG manages to remove the virus to the vault which i subsequently delete, but the file odujr.dat keeps reappearing. Tried manually deleteing the file as well, but no luck...it keeps reappearing in the same place. Seems like some virus keeps recreating this trojan file.

would really appreciate help on this...tried searching for the particulat trojan horse but could not find anything on the net.

thanks,
gaurav

BC AdBot (Login to Remove)

 


#2 gauravjeet

gauravjeet
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:08 PM

Posted 24 November 2009 - 01:18 PM

Seem to have found a fix...atleast for now.

ran trend micro housecall and it detected the same file (odujr.dat) as a "tspy kates.smod" infection. details on how to remove it at the following link.

http://threatinfo.trendmicro.com/vinfo/gra...OD&VSect=Sn.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users