Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Trojan horse Generic16.JP


  • Please log in to reply
1 reply to this topic

#1 Apol

Apol

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 25 December 2009 - 02:23 AM

Hello, Apol here......

I would like to inquire about getting some information and helpful tip's into removing this Trojan horse, I shall describe below some details into the problem.

First off, I am running on Windows Visata 32bit, 2Gb of RAM, I have installed Malwarebytes, AVG free edition, SUPERAntispyware free edition and updated them to current and run numerous full scans in a attempt to remove this trojan. It detects it with avg, but not MBAM, or Superantispyware, the location according to the AVG resident shield's logs, is in "C:Windows/Temp/ppex.tmp/svchost.exe" with the ppex.tmp part of the location being changed to a random set of four letters. I believe that I was infeced with this trojan via a Torrent I downloaded from Vuze, I have deleted the suspected file and run numerous scans afterwards. The only activity that i have noticed with this Trojan horse is the fact that it redirects my browser to random Webpages displaying Ad's and such.

The process name that the resident shield of AVG reports is "C:/Windows/System32/svchost.exe". If you need any more details, scan's and log's, feel free to leave a link to the software needed to do so.


Sincerely Apol :thumbsup:

Edited by Apol, 25 December 2009 - 02:56 AM.


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,805 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:28 AM

Posted 25 December 2009 - 02:41 AM

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.

==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users