
Trojan Horse generic 13


Re: Trojan Horse generic 13

Post by andreamarie » April 28th, 2009, 5:10 pm

Michael,
I did as you instructed: I removed Java 6 - 12 and installed version 6 - 13. I see V. 6 - 13 in the add/removal list in Control Panel and also in the Control Panel menu, but on the C:\Q00 it's still showing V. 6 - 12. Is there something more I need to do? I followed your instructions to the "T".

I'm also getting AVG pop-ups regarding: yieldmanager & doubleclick, "potential dangerous" notification when I open up Internet Explorer or Yahoo from Desktop. I send them to VirusVault. Is that normal after all that has been done?
andreamarie
Regular Member
 
Posts: 22
Joined: April 23rd, 2009, 11:23 am

Re: Trojan Horse generic 13

Post by MikeSwim07 » April 28th, 2009, 7:11 pm

Yes, what AVG is quarantining are just cookies, which are pretty harmless. You can continue to remove them or just ignore them; it really doesn't matter too much.

How is everything running now?

Run Kaspersky Online Scan

Please go to the Kaspersky website and perform an online antivirus scan.

  • Read through the requirements and privacy statement and click on the Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.
MikeSwim07
Regular Member
 
Posts: 4215
Joined: August 27th, 2007, 9:44 am
Location: Gone

Re: Trojan Horse generic 13

Post by andreamarie » April 28th, 2009, 9:26 pm

Here is the Kaspersky scan log:

KASPERSKY ONLINE SCANNER 7.0 REPORT
Tuesday, April 28, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Wednesday, April 29, 2009 00:49:07
Records in database: 2088190
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\

Scan statistics:
Files scanned: 65749
Threat name: 2
Infected objects: 11
Suspicious objects: 0
Duration of the scan: 00:47:17


File name / Threat name / Threats count
C:\Program Files\Trend Micro\HijackThis\backups\backup-20090421-212043-937.dll Infected: Trojan-Downloader.Win32.Agent.bqxc 1
C:\Program Files\Trend Micro\HijackThis\backups\backup-20090421-234324-960.dll Infected: Trojan-Downloader.Win32.Agent.bqxc 1
C:\Program Files\Trend Micro\HijackThis\backups\backup-20090422-235824-668.dll Infected: Trojan-Downloader.Win32.Agent.bqxc 1
C:\Program Files\Trend Micro\HijackThis\backups\backup-20090422-235853-321.dll Infected: Trojan-Downloader.Win32.Agent.bqxc 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\hobavana.dll.vir Infected: Trojan.Win32.Monder.bzdz 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\kirojeke.dll.vir Infected: Trojan-Downloader.Win32.Agent.bqxc 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\lerosusi.dll.vir Infected: Trojan-Downloader.Win32.Agent.bqxc 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\palozora.dll.vir Infected: Trojan.Win32.Monder.bzdz 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\tezimawi.dll.vir Infected: Trojan-Downloader.Win32.Agent.bqxc 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\warewabe.dll.vir Infected: Trojan.Win32.Monder.bzdz 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\yilative.dll.vir Infected: Trojan-Downloader.Win32.Agent.bqxc 1

The selected area was scanned.
andreamarie
Regular Member
 
Posts: 22
Joined: April 23rd, 2009, 11:23 am
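
Added example (not part of the original thread or of any tool mentioned in it): a short Python triage of the result rows in the report above, separating detections that sit in removal-tool storage (ComboFix's Qoobox quarantine, HijackThis backups) from files in live locations. The function names and labels are illustrative, and the last sample row is constructed.

```python
import re
from collections import Counter

# Folders where removal tools keep inert copies of what they removed.
# Both prefixes appear in the scan log above; matching is case-insensitive.
INERT_PREFIXES = (
    ("c:\\qoobox\\quarantine\\", "combofix-quarantine"),
    ("c:\\program files\\trend micro\\hijackthis\\backups\\", "hijackthis-backup"),
)

# One result row: "<path> Infected: <threat name> <count>"
ROW = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+Infected:\s+(?P<threat>\S+)\s+(?P<count>\d+)\s*$"
)

def parse_report(text):
    """Return (path, threat, count) for every 'Infected:' row in the report."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows.append((m["path"], m["threat"], int(m["count"])))
    return rows

def classify(path):
    """Label a path by the tool folder holding it, or 'live' if none matches."""
    low = path.lower()
    for prefix, label in INERT_PREFIXES:
        if low.startswith(prefix):
            return label
    return "live"

def triage(text):
    """Count detections per location and list those still in live locations."""
    summary, live = Counter(), []
    for path, threat, count in parse_report(text):
        where = classify(path)
        summary[where] += count
        if where == "live":
            live.append((path, threat))
    return summary, live

# First three rows are copied from the log above; the last row is constructed
# to show what a detection outside quarantine/backup storage looks like.
SAMPLE = r"""File name / Threat name / Threats count
C:\Program Files\Trend Micro\HijackThis\backups\backup-20090421-212043-937.dll Infected: Trojan-Downloader.Win32.Agent.bqxc 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\hobavana.dll.vir Infected: Trojan.Win32.Monder.bzdz 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\kirojeke.dll.vir Infected: Trojan-Downloader.Win32.Agent.bqxc 1
C:\WINDOWS\system32\example-constructed.dll Infected: Trojan.Win32.Monder.bzdz 1
"""
```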

Re: Trojan Horse generic 13

Post by MikeSwim07 » April 29th, 2009, 6:06 pm

This is my normal post for when you are clear - which you now are - or seem to be.
Please advise of any problems you still have. If you think you're clean please give one more reply so that I can archive this topic.

Now that you are clean, I have some tips & tricks for you to keep your computer clean and secure. The first few (like removing dangerous tools and Windows Update) have to be done, the others are optional.

It may seem like your system will be overprotected with all these things installed, but a lot of the programs aren't always running in the background, so they don't slow down your computer. Please take a look at the following things:

  • Uninstall tools - The following will not only uninstall ComboFix but also clean up some other dangerous tools and backups, clean up the System Restore points and hide the system files.
    • Go to Start
    • Click on Run
    • Type ComboFix /u

    You may delete any logs left on the desktop. Please also delete JavaRa. I recommend that you keep Malwarebytes' Anti-Malware and scan with it regularly.
  • Make your Internet Explorer more secure - This can be done by following these simple instructions:
    • From within Internet Explorer click on the Tools menu and then click on Options.
    • Click once on the Security tab
    • Click once on the Internet icon so it becomes highlighted.
    • Click once on the Custom Level button.
      • Change the Download signed ActiveX controls to Prompt
      • Change the Download unsigned ActiveX controls to Disable
      • Change the Initialize and script ActiveX controls not marked as safe to Disable
      • Change the Installation of desktop items to Prompt
      • Change the Launching programs and files in an IFRAME to Prompt
      • Change the Navigate sub-frames across different domains to Prompt
      • When all these settings have been made, click on the OK button.
      • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    • Next press the Apply button and then the OK to exit the Internet Properties page.
  • Update your Anti-Virus Software - It is imperative that you update your anti-virus software every day. If you do not allow your anti-virus software to update itself then it will not be able to catch any of the new variants that may come out.
  • Visit Microsoft's Update Site Frequently - It is important that you visit http://update.microsoft.com/ regularly. This will ensure your computer always has the latest available security updates installed. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  • Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option.
    This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with this program on a regular basis just as you would with anti-virus software. A tutorial on installing & using this product can be found here:
    Tutorial for Spybot S & D
  • Install WinPatrol - As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes a snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. You can download it from this website:
    WinPatrol
    The developer is a well-known man in the MalWare Removal business. If you really like WinPatrol think about upgrading to the PLUS version. It will give you additional features and you will only have to pay once, for your whole malware-free life.
  • Install MVPS HOSTS - This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
    For information on how to download and install, please read this tutorial here:
    WinHelp2002
    Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.
  • Use an alternative Internet Browser - Many of the exploits are directed at users of Internet Explorer. Although every browser gets exploited by malware, certain programs are not exploited as much. It is important that you keep your browser up-to-date. Try using a different browser instead:
    Firefox
    Opera
  • Bookmark this general cleanup link - It could be that your computer is becoming slower and slower. This is not always caused by malware. Most of the time it's malware when your computer suddenly gets slow or behaves strangely. When the slowdown increases gradually, check (bookmark please) this link for tips & tricks:
    Help! My computer is slow
  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

>> Here << you can see how you can help us.
MikeSwim07
Regular Member
 
Posts: 4215
Joined: August 27th, 2007, 9:44 am
Location: Gone

Re: Trojan Horse generic 13

Post by andreamarie » April 29th, 2009, 9:05 pm

Yes, everything is working fine :D . Thank you again so much. You don't know how grateful I am.

I support the cause....malware stinks!

~Andrea
andreamarie
Regular Member
 
Posts: 22
Joined: April 23rd, 2009, 11:23 am

Re: Trojan Horse generic 13

Post by silver » April 30th, 2009, 9:18 pm

This topic is now closed
We are pleased to have been of assistance in getting you clean.

If you have been helped and wish to donate towards the costs of this volunteer site, you can do so using this link
Donations For Malware Removal
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7