Another Trojan Horse Dropper.Generic5.CGOS


1 reply to this topic

#1 RedJasperHeart


Posted 23 April 2012 - 03:51 AM

Mod Edit: Split from http://www.bleepingcomputer.com/forums/topic450437.html/page__p__2675520#entry2675520 ~ Hamluis.

Hello,

I have a Fujitsu Siemens desktop with Windows Vista Business, and AVG popped up a window with the same threat as above (kimbalaya), a Trojan Horse Dropper.Generic5.CGOS. On AVG it comes up as:
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
It also shows a registry key referring to this.

What does this trojan do?

AVG does not put it in the Vault, and I have already run Spybot Search & Destroy and MBAM and they don't find it; they come up clean.
Only AVG finds it but does not heal it - instead it tells me that I have to force removal, which may crash the computer. Will it really crash the computer if I do? I have searched the net and I have found some sites telling me to work through Safe Mode with Networking and the Run Window, but I don't know if it is safe. Others say that someone has to delete the corresponding registry keys.
If I delete Adobe and reinstall it, will that delete the trojan too?

I don't know what to do - please please help?
Thank you!

Edited by hamluis, 23 April 2012 - 06:39 PM.
PM sent new OP.



#2 Broni


Posted 23 April 2012 - 06:58 PM

Welcome aboard

Upload the following files to http://www.virustotal.com/ for a security check:
- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
IMPORTANT! If the file is listed as already analyzed, click on the Reanalyse file now button.
Post scan results.
