Trojan horse Generic11.PWW - how do i get rid of - HotUKDeals
We use cookie files to improve site functionality and personalisation. By continuing to use HUKD, you accept our cookie and privacy policy.
Get the HUKD app free at Google Play

Search Error

An error occurred when searching, please try again!

Login / Sign UpSubmit

Trojan horse Generic11.PWW - how do i get rid of

sassie Avatar
banned8y, 3m agoPosted 8 years, 3 months ago
AVG has just picked this up, looking in google it was something to do with adobe, sure that kicked in on my comp yesterday, thought avg should have picked it up at the time, not when scanned

anyone help me get rid
sassie Avatar
banned8y, 3m agoPosted 8 years, 3 months ago
Options

All Comments

(20) Jump to unreadPost a comment
Comments/page:
#1
no , does it shut your pc down
banned#2
alnbowes
no , does it shut your pc down


no to what - lol

and no it doesnt shut my pc down
1 Like #3
Hey Sassie, follow these instructions and paste the log(s) over at [url]www.techmonkeys.co.uk[/url] and one of my malware monkeys will guide you through getting rid of it if you like.

Option 1 - Download & place the tool in the right place

Download the tool from one these locations and save it to your desktop:

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis

Many people get confused on where to place the tool. I have seen many users not knowing and extracting the tool in the TEMP folder. This is not a good place to extract it too

[color=red]Do NOT run the tool from .zip file when it has been extracted in the TEMP folder[/color]

Create a folder for Hijackthis on the C: drive called C:\HJT or something similar

For example:[list]
[*]C:\HJT\ or C:\Hijackthis\
[/list]You can do this by going to:[list]
[*]Click on Start then My Computer
[*]Double click on C:(the Local Disk you have Windows installed on)
[*]Right click and select New then Folder and name it HJT
[/list]Extract HijackThis.exe(that is saved on your desktop) from the zip archive into that folder you created. Or if it isn't a .zip file. Just Copy & Paste the .exe file into the new folder.

----------

Option 2 - How to create a HJT log

One really easy step here. [list=1]
[*]Open up HijackThis.
[*]Click ok to the warning that may appear.
[*]Once it is up an running, click on Do a system scan and save a log file. This will open up notepad once scanned.
[*]In the notepad with the log in and click on Edit>Select All. Then Edit>Copy and post your log in a New Topic in the [color=red]HijackThis log area[/color].
[/list]Or if you already have en existing topic, post it in a reply to the topic.

Note - Only post a HJT log and then please wait for assistance. If you reply to your thread without any help your chances of getting help will be slow

A helper will be with you as soon as possible.
#4
Sorry can`t help but looks like your not on your own, someone else asked for info yesterday here.
http://forums.techguy.org/malware-removal-hijackthis-logs/746049-trojan-horse-generic-avg-anti.html
banned#5
got to go pick little guy up from school, so do as soon as i get back, what do i do when avg stopped running, try and quarentine it?
#6
#7
You can quarantine it for now, but it is best to get your machine checked over, because a virus/trojan/malware is rarely 1 file or set of files, they will normally bury themselves all over your system which AV's dont always clean and this will leave you open to re-infection.
banned#8
avg has finished it says

infections found 1
infected onjects removed or healed 1

does this mean it has removed it, and i dont need to do the above?
banned#9
f i need to which one of these 3 do i download to desktop
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
#10
Any will do, but the installer will be the easiest.
banned#11
it has opened notepad with what you asked for, can you not help me here? or do i need to do it on other place, im really not tech minded and dont want to look a complete muppet


also the log wont have any of my details in will it, like names of computers and files and stuff
#12
Sassie, we could have a go at it here, however I have been out of the loop on malware removal for a while, so it is better I get one of the experts over on Techmonkeys such as Mjack or Chiaz to go over the log(s).

Also here it is more likely to get interrupted with others chipping in their advice, where as on Techmonkeys, 1 person will help you from beginning to end.
banned#13
i dont mind looking a complete moron on here - lol

i have read your post over there, and its far to copy and paste for me, i need simple

can you tell me what i need to download before disconnecting from the net, and turning off my things
#14
Ok I will abreviate what I said on the other site :) It may still look like a lot, but it is just that it is written step by step, in effect it will only take 10 mins or so.

However make sure you post the logs over on Techmonkeys and not here as I am not up to date with where the latest malwares are lurking and the methods to get rid of them.

Please close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix and make sure you are disconnected from the Internet after downloading the program and before scanning.

Download ComboFix from http://download.bleepingcomputer.com/sUBs/ComboFix.exe to your Desktop.

* Double click combofix.exe and follow the prompts.
* When finished, it shall produce a log for you. Post that log and in your next reply

Note: Do not mouseclick combofix's window while its running. That may cause it to stall

Download and scan with SUPERAntiSpyware Free for Home Users http://www.superantispyware.com/

* Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
* Under "Configuration and Preferences", click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):
o Close browsers before scanning.
o Scan for tracking cookies.
o Terminate memory threats before quarantining.
* Click the "Close" button to leave the control center screen.
* Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under "Complete Scan", choose Perform Complete Scan.
* Click "Next" to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
* Make sure everything has a checkmark next to it and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* If asked if you want to reboot, click "Yes".
* To retrieve the removal information after reboot, launch SUPERAntispyware again.
o Click Preferences, then click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
o Please copy and paste the Scan Log results in your next reply along with a Hijackthis log.
* Click Close to exit the program.
banned#15
I have turned off firewall and avg

when i do spybot i do the bit in red, when i clcik on the sysytem start up icon there is no uncheck tea timer, and dont panic im on the other comp

[COLOR="Red"]SPYBOT TEATIMER
Launch Spybot S&D, go to the Mode menu and make sure "Advanced Mode" is selected.
On the left hand side, click on Tools, then click on the Resident Icon in the list.
Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.[/COLOR]
Click on the "System Startup" icon in the List
Uncheck the "TeaTimer" box and "OK" any prompts.
If Teatimer gives you a warning that changes were made, click the "Allow Change" box when prompted.
Exit Spybot S&D when done.
(When we are done, you can re-enable Teatimer using the same steps but this time place a check next to "Resident TeaTimer" and check the "TeaTimer" box in System Startup.]
banned#16
ok, ignore that, found it and sorted

now running 1st scan
banned#17
right first scan done and my name is plastered all over it

doing second one now but am i supposed to be online to do it, as started it and then realised maybe i should be online?
1 Like #18
Hey Sassie, sorry I wasn't online last night, I see however Mjack got you all cleaned up :)

The only reason your name will be in the logs is because it will be your username on the computer, so when it details items such as your settings folder your name will be in by default.

Glad everything is better now :)
banned#19
well scanned the complete comp again this morning and the superantispyware picked up the trojan again, i thought if avg vaulted it then it was ok, no vaulted it with this, is this gonna happen everytime i scan?

Post a Comment

You don't need an account to leave a comment. Just enter your email address. We'll keep it private.

...OR log in with your social account

...OR comment using your social account

Thanks for your comment! Keep it up!
We just need to have a quick look and it will be live soon.
The community is happy to hear your opinion! Keep contributing!