
Trojan Horse Dropper Generic 2 UHE?


7 replies to this topic

#1 JustinD

JustinD

  • Members
  • 2 posts

Posted 19 June 2010 - 02:49 PM

So I got a virus called "Anti-Malware Doctor" a week ago. I removed that and everything was good until I suddenly got random tabs opening in Firefox, and AVG detected one of them as a Rogue virus. So I left it, then I got on my computer yesterday, and AVG Resident Shield keeps popping up an alert saying that there's a Trojan Horse Dropper Generic 2 UHE virus, and that it's creating folders in my Windows>Temp folder. I've tried enough antiviruses, and Malwarebytes shows nothing. Please help, and if you say just move it to the virus vault, I've tried but it never shows anything in the vault. Here's a screenshot of what I'm talking about:
Posted Image

Edited by JustinD, 19 June 2010 - 02:50 PM.




#2 JustinD

JustinD
  • Topic Starter

  • Members
  • 2 posts

Posted 19 June 2010 - 03:27 PM

Anybody? The stinking alert keeps popping up every 5-8 minutes, and my machine makes a noise that's noticeable when it's about to pop up.

#3 Bobbye

Bobbye

  • Members
  • 4 posts

Posted 22 June 2010 - 09:55 AM

Justin,

You are asked to follow the steps for Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help HERE.
There are screen shots to help you along.

The steps include running programs that will generate logs. Those logs give us information about your system and malware that may be on it. The logs for DDS and GMER will be reviewed and direction for you will be set up.

To help the 'annoyance factor', you may want to disable the AVG Alert feature while cleaning is progressing.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • Gender:Male
  • Location:NJ USA

Posted 22 June 2010 - 10:16 AM

Hello, Justin... before going through the other process we may be able to get this right here.

Please run these next. If you have Spybot installed temporarily disable it.
Next run ATF:
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

Please download ATF Cleaner by Atribune & save it to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.

Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware (v1.46) and save it to your desktop.
Before you save it rename it to say zztoy.exe

alternate download link 1

alternate download link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#5 Bobbye

Bobbye

  • Members
  • 4 posts

Posted 22 June 2010 - 01:42 PM

So you do not follow the guidelines you have set up regarding preliminary virus and malware removal? I could have requested Mbam or other programs, but not at the risk of being told that wasn't the way it's done!

Please advise where the thread is located for your preliminary steps to be done by the OP. I frequently see people waiting here for help, sometimes 10-12 days. Then you request they follow DDS and GMER. And then you lose many of the posters because they have sought help elsewhere.

Be consistent please.

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • Gender:Male
  • Location:NJ USA

Posted 22 June 2010 - 02:33 PM

Perhaps when you've been on this forum for some time, you may notice that the DDS/HJT forum gets really backed up at times. Like now, 4-5 days... I unfortunately have to explain the fact that maybe I can clean this one here in a day or two. Maybe not, but I wanted to give the OP a shot, not argue with you, nor did I knock your advice. I simply said before going through the other process we may be able to get this right here.



Now I no longer want to haggle in the OP's thread,

#7 Bobbye

Bobbye

  • Members
  • 4 posts

Posted 22 June 2010 - 05:19 PM

My apology to the OP if I caused any confusion. I searched this site and thought I had the right steps for you to follow.

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • Gender:Male
  • Location:Virginia, USA

Posted 23 June 2010 - 08:38 AM

Bobbye, you may also want to read the pinned sticky How do I get help? Who is helping me?

Posting your problem here allows more experienced and knowledgeable Members and Staff to determine if solving your problem requires additional information and whether it is actually caused by malware or by some other problem requiring a different approach. If the problem is determined to be malware-related, experienced users can further determine if there is a simple solution such as running common or specific tools, or if your problem is complex enough to need the help of our trained Malware Response Team members.


Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators




