
Trojan Horse Generic29



#1 L_A_M


Posted 05 August 2012 - 12:20 PM

Hi! I've been having some computer problems lately which seem to be the result of something called Trojan Horse Generic29.

My computer is a Dell Inspiron E1505, running Windows XP. I ran AVG, and although it found the trojan, it won't remove it.

My computer has been running pretty slowly, and yesterday I had some trouble starting it (not sure if that's related). A new development (since yesterday) seems to be that my toolbar is now stacked instead of long. I haven't changed the settings on that so I'm not sure if it's related at all, but it seemed worth mentioning.

I've had a few computer problems before that I've managed to fix, but it seems to be more due to luck than anything else. Any help would be appreciated, and I'll update with any additional details found.

Thank you!


 


#2 SleepyDude

  • Malware Response Team

Posted 05 August 2012 - 12:43 PM

Hi,

Download Malwarebytes and install the program, but choose not to activate the Trial; you only want the Free version.

Let the program update and do a full scan, then post the resulting log in your reply.

• Please do not PM me asking for support. Post on the forums instead; it will increase the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#3 L_A_M


Posted 07 August 2012 - 08:01 PM

Sorry about the wait, here's the log:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.05.08

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
josue :: J-H62C60D1E9CSE [administrator]

Protection: Enabled

8/5/2012 7:46:58 PM
mbam-log-2012-08-05 (19-46-58).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 344679
Time elapsed: 3 hour(s), 43 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\josue\Local Settings\Temp\150.tmp (Trojan.Agent.BRVGen) -> Quarantined and deleted successfully.

(end)
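
For anyone triaging logs in the layout posted above, here is an added example (not part of the thread and not Malwarebytes code) that pulls out each detection with its reported action and checks the listed items against the per-section counts. The sample log inside it is constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in the layout of the log posted above; paths and detection names are made up.
SAMPLE_LOG = r"""Malwarebytes Anti-Malware 1.62.0.1300
Database version: v2012.08.05.08

Scan type: Full scan (C:\|)

Memory Processes Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Temp\example1.tmp (Example.Detection.A) -> Quarantined and deleted successfully.
C:\Temp\example (copy).tmp (Example.Detection.B) -> No action taken.

(end)
"""

SECTION = re.compile(r"^(?P<kind>[A-Za-z ]+) Detected: (?P<count>\d+)$")
# Greedy path match, so parentheses inside a path are not mistaken for the detection name.
ITEM = re.compile(r"^(?P<path>.+) \((?P<name>[^()]+)\) -> (?P<action>.+?)\.?$")

def parse_mbam_log(text):
    """Return (detections, mismatches); mismatches maps section -> (declared, listed)."""
    detections, declared, kind = [], {}, None
    for line in text.splitlines():
        line = line.strip()
        m = SECTION.match(line)
        if m:
            kind = m.group("kind")
            declared[kind] = int(m.group("count"))
            continue
        m = ITEM.match(line) if kind else None  # item lines only appear under a section
        if m:
            detections.append({"kind": kind, **m.groupdict()})
    found = {}
    for d in detections:
        found[d["kind"]] = found.get(d["kind"], 0) + 1
    mismatches = {k: (n, found.get(k, 0)) for k, n in declared.items() if n != found.get(k, 0)}
    return detections, mismatches

def unresolved(detections):
    """Detections whose action text does not report a successful removal."""
    return [d for d in detections if "successfully" not in d["action"].lower()]
```

A non-empty `mismatches` result usually means the pasted log was truncated or edited, so ask for the original file before drawing conclusions from it.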

#4 L_A_M


Posted 07 August 2012 - 08:40 PM

I should also note that despite it claiming the file was deleted, it's still showing up in AVG.

Also, I've noticed that when I click on the AVG link on my toolbar, a black box (like the command prompt box) appears for a split second in the upper left-hand corner of my screen. I managed to capture it with a screenhunter program, the top of it reads: C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe . Not sure if this is related, but thought it might help.

Thanks again!

ETA: I cannot believe I forgot to mention that I found the location of the virus (although I'm unsure of how to get rid of it) (and by found I mean AVG told me): C:\WINDOWS\system32\svchost.exe(1404):\memory_001a0000

Edited by L_A_M, 07 August 2012 - 09:19 PM.


#5 SleepyDude


Posted 08 August 2012 - 10:46 AM

Hi,

No problem about the wait, I'm not here all the time...

Let's do a scan with ESET Online Scanner; download and run it.

Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
Click on Advanced Settings, and check that the options:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
are ticked.
Click Scan and then wait for the scan to finish (it will take some time).

When the scan ends, press the button [LIST OF THREATS FOUND], click Export to Text File, open the text file, and copy and paste the contents into your reply.
Press the BACK button.
Press Finish.


 
 


#6 L_A_M


Posted 08 August 2012 - 06:50 PM

Um okay good news and bad news. The good news is that the Trojan is gone, thanks to Avast! Anti-Virus, which managed to rid my system of it. Everything is working faster now, AVG is coming through clean, etc.

Bad news - my computer isn't letting me go to google, nor is it acknowledging my computer speakers. I'm not sure if this is involved, but I figured I'd put it here just in case. I'm going to try restarting and see if that helps.

Thank you!

ETA: I still can't access google, but I have sound! So... still not sure if it's connected? I mean, I've had minor problems where I have trouble accessing a website for a few minutes before, but with all the issues I've been having lately, I'd rather mention insignificant details than not mention ones that may be important.

Edited by L_A_M, 08 August 2012 - 07:07 PM.




