Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Generic Downloader.ab


  • Please log in to reply
4 replies to this topic

#1 Dash-mom

Dash-mom

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:02 PM

Posted 08 April 2006 - 11:27 AM

[font=Verdana]I have tried to remove this Trojan, and everytime I reset my computer, it is back again!! When I try to Delete, Quarantine or clean this file, I keep being told that it is not possible to perform this action. I used the HiJack This program, but had a very hard time understanding the results and was concerned about deleting things I should not delete. Any help will be greatly appreciated.....Dash-mom

BC AdBot (Login to Remove)

 


m

#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,587 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:02 PM

Posted 08 April 2006 - 02:15 PM

I used the HiJack This program, but had a very hard time understanding the results and was concerned about deleting things I should not delete

HijackThis is an advanced tool that requires advanced knowledge about the Windows Operating System. Most of the log entries are required to run a computer and removing essential ones can potentially cause serious damage such as your Internet no longer working or problems with running Windows itself. If you do not have advanced knowledge about computers you should NOT fix anything using HijackThis without consulting a expert as to what to fix.

We may be able to remove this Trojan without using Hijackthis. Please try the following:

If your using Win XP or Win 2000 download and scan with Ewido Anti-Malware v3.5
Ewido Install and Scan Instructions

When done perform this online scan: a-squared Web Malware Scanner
[Watch the Address bar in IE. You may receive alerts that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then Click Install ActiveX component]
There are three options: Quick Scan, Smart Scan, Deep Scan and Custom Scan. The default selection is Smart Scan which is fast and scans the most important folders.
1. Click "Scan Your PC".
2. You may receive an alert on the address bar that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then click "Insall ActiveX component".
3. A new window will appearing asking "Do you want to install this software?""
4. Select "Install" to download the ActiveX controls.
5. Click the blue "Scan" botton on the right to begin.
6. When the scan is completed, place a check mark in each box indicating malware and click "Quarantine selected objects"
7. Click "View Quarantine" to restore or permanently delete any or all items.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Dash-mom

Dash-mom
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:02 PM

Posted 17 April 2006 - 05:45 PM

[font=Verdana]Thank you so much for your help and suggestions, I did as you instructed and it got rid of the Trojan for about 2 days and now it is back and I am having a hard time getting rid of it again...Dash-mom

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,587 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:02 PM

Posted 17 April 2006 - 05:51 PM

Repeat the previous instructions.

As soon as your system is clean you should SET A NEW RESTORE POINT to prevent reinfection from an old restore point. Any trojans or malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to set a new RESTORE POINT:
1. Go to Start > Programs > Accessories > System Tools and click "System Restore".
2. Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
3. Then go to Start > Run and type: Cleanmgr
4. Click "OK".
5. Click the "More Options" Tab.
6. Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

If the problem does reappear then I suggest you read and follow all instructions in the pinned topic titled Preparation Guide For Use Before Posting A Hijackthis Log.

When you have done that, post a log in the HijackThis Logs and Analysis Forum, not here, for assistance by the HJT Team Experts.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,587 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:02 PM

Posted 17 April 2006 - 06:05 PM

Actually another thing you can try if the previous instructions fail is to download the 15-day free trial evaluation of CounterSpy . They have Downloader.AB listed in their database.

If CounterSpy successfully removes it, then set your new restore point. If not, proceed with the instructions for Hijackthis.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users