Trojan horse virus problem (generic29.ajge)

Discussion in 'Computer Help' started by Svnla, Dec 7, 2012.

  1. Svnla

    Svnla Lifer

    Hi all,

    A family member got a Trojan horse virus (generic 29.ajge) problem on her Dell laptop with Win 7 Home Premium and ZoneAlarm firewall. AVG antivirus notified her but could not remove it. I tried to fix it but could not log on to the net.

    I did Google it and the solutions were about editing registries and other fancy stuff, and I am not sure I want to touch it. The computer is working fine, it just could not log on to the net to update anything, so I know that the trojan virus is still on the computer.

    Do any of you have any suggestions or ideas besides completely reformatting the HD and installing everything (after a full backup of course)? TIA.
     
    #1 Svnla, Dec 7, 2012
    Last edited: Dec 7, 2012
  2. Smoove910

    Smoove910 Golden Member

    Personally, I would install Malwarebytes and Spybot, and let them find it and remove it. Once it's fixed, give a stern lesson on how to surf porn without getting a virus. :p
     
  3. denis280

    denis280 Diamond Member

    And also go into the temp file, select all, and delete. To do so, type %temp% in the search box.
     
  4. power_hour

    power_hour Senior member

    One of the better guides: www.selectrealsecurity.com/malware-removal-guide/

    Mind you, without an effective backup strategy you're just playing with fire on any Win OS. They all get screwed pretty easily.

    If it were me, I would pull the drive and back up the data to another system and then reformat. There is shit out there that the guides don't know about. Is an hour or two of installing and finding some drivers really worth that risk?

    Then tell your friend to 1. Log in as a normal user 2. Back up weekly 3. Use a VM for browsing suspect sites.
     
  5. Smoove910

    Smoove910 Golden Member

    Can't say I fully agree with the logic of reformatting for all viruses. If everyone took that advice... well, there would be a whole bunch of people reformatting. Also, your link is dead. A VM would be ideal, but 95% of people do not have the resources or the know-how to do this.

    OP, this is what I would do step by step:

    - Boot into Safe Mode
    - Type msconfig and see if there are any weird/obvious things in your 'startup' sequence. If so, uncheck them to ensure they don't start up in a subsequent reboot.
    - Reboot into normal mode
    - Install Malwarebytes and Spybot, let them run. Once they detect the baddies, let the software uninstall them
    - You'll probably be prompted for another reboot... do so now
    - Once back at the normal mode desktop, download/install CCleaner. Run this program
    - Enjoy!
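
A read-only way to review the same autostart locations that msconfig's Startup tab lists, as an added example that is not part of the original posts. The path pattern used to mark entries for review is a heuristic assumed for this example; it also matches some legitimate software, so a marked entry merits a second look rather than automatic removal.

```powershell
# Added example (not from the thread): read-only listing of autostart entries
# from the Run keys and Startup folders, the locations msconfig's Startup tab shows.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
)
$startupDirs = @(
    "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup",
    "$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"
)
# Assumed heuristic: commands launched from temp or per-user profile paths
# are the ones worth checking first. It does not prove an entry is malicious.
$reviewPattern = '\\Temp\\|\\AppData\\|\\Users\\Public\\|%TEMP%|%APPDATA%'

$shell = New-Object -ComObject WScript.Shell   # used only to read shortcut targets
$entries = @()

foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        # Read the value as stored, without expanding %VAR% references
        $cmd = $item.GetValue($name, $null, 'DoNotExpandEnvironmentNames')
        $entries += New-Object PSObject -Property @{
            Source = $key; Name = $name; Command = [string]$cmd }
    }
}

foreach ($dir in $startupDirs) {
    if (-not (Test-Path $dir)) { continue }
    foreach ($file in Get-ChildItem -Path $dir -Force) {
        if ($file.Name -eq 'desktop.ini') { continue }
        $target = $file.FullName
        if ($file.Extension -eq '.lnk') {
            # Report where the shortcut points, not the shortcut file itself
            $target = $shell.CreateShortcut($file.FullName).TargetPath
        }
        $entries += New-Object PSObject -Property @{
            Source = $dir; Name = $file.Name; Command = $target }
    }
}

$entries |
    Select-Object @{ n = 'Review'; e = { $_.Command -match $reviewPattern } },
                  Name, Command, Source |
    Sort-Object Review -Descending |
    Format-Table -AutoSize -Wrap
```

The script changes nothing on the system; disabling an entry is still done through msconfig as described in the post above.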
     
  6. Steltek

    Steltek Golden Member

    The last time I removed a variant of this particular trojan for somebody, it took running Kaspersky's TDSSKiller, followed immediately by running Combofix (which had to be renamed to get it to run). After a system reboot, the final step was to run a full scan with Malwarebytes, which resulted in a clean system.

    Now, YMMV depending upon what other stuff may be on there as well that you don't know about (AVG is a pretty weak antivirus solution these days).
     
  7. power_hour

    power_hour Senior member

    Let's face it, people are lazy. OP doesn't have backups and you mock me for suggesting to reformat.

    Nothing is a guarantee, and pretending the standard methods are 100% fail safe is poor advice.

    I don't get what the big deal about a reinstall is anyway. The only downside is loss of time. If he attempts to clean and fails and gets hacked, that is a massive downside.

    It's all about weighing the risks. If you need your PC for more than surfing for shit then be smart.
     
  8. Smoove910

    Smoove910 Golden Member

    And being 'smart' is learning how to get a functional PC without reformatting every time you get a bug. I didn't chastise you, I simply don't agree with your method, and I'm willing to bet 95% of people on these forums would not reformat either. It's alright man, the OP is his own person and can choose to reformat, or use one of the other ways that was suggested.
     
  9. Svnla

    Svnla Lifer

    Thanks for all the replies.

    1) First of all, the computer will NOT get on the internet to get updates or download anything new, so most of you guys' suggestions won't work. I could download new software onto a flash drive then install it on that computer, but won't be able to download and update to the latest version anyway. :(

    2) Secondly, I did loan out the WD external drive and did a full backup on that computer.

    3) AVG is weak? Which one is strong? Keep in mind the user of this computer is on a fixed income so she likes free AV.

    4) VM = virtual machine? How do you set it up on a Dell laptop?

    I guess I have no choice but to reformat and reinstall Windows and drivers. Unless you guys can show me a way to overcome #1. Thanks again y'all.
     
    #9 Svnla, Dec 9, 2012
    Last edited: Dec 9, 2012
  10. Steltek

    Steltek Golden Member

    Ok, give this a try.

    Download Kaspersky's Rescue Disk 10 ISO from the following link:
    http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/kav_rescue_10.iso

    Either burn the ISO to a CD, or create a bootable flash drive using the ISO with Unetbootin (or the utility of your choice). Boot the computer using the CD or flash drive. Once Kaspersky is booted up, the first thing you should do is update the database (the ISO itself is built on a Linux distribution, so it can independently access the wireless card or ethernet port of the laptop to connect to the internet to update its detection database). Once the database is updated, run a full scan on the computer.

    Once the scan is complete and everything is removed that can be removed, I'd remove the CD/flash drive and reboot to Windows. Once you get back to Windows, see if you can again connect to the Internet. If not, have TDSSKiller and Malwarebytes on a flash drive so you can run TDSSKiller, then install and run Malwarebytes. If it can connect to the internet, download and run TDSSKiller, followed by ComboFix and Malwarebytes.

    It isn't that AVG is a bad antivirus, but it is just weak. Especially if a person doesn't follow safe browsing practices. I'd recommend the next time you see it on sale that she pick up a paid copy of Malwarebytes to get the real time protection module. It complements antivirus protection and often catches bad IP addresses when you try to go to one or get an ad being distributed from a bad site. Personally, I use the combination of Avast free, Malwarebytes paid, and Comodo Firewall free, but YMMV depending upon browsing habits.
     
    #10 Steltek, Dec 9, 2012
    Last edited: Dec 9, 2012
  11. Svnla

    Svnla Lifer

    Don't laugh, but can you give more information about how to burn the ISO and the bolded/underlined section above? :p

    I did download the file from your link onto my flash drive without problem.
     
  12. Steltek

    Steltek Golden Member

    The easiest way to create a CD from an ISO is to download and install ImgBurn:

    http://download.imgburn.com/SetupImgBurn_2.5.7.0.exe

    Install ImgBurn and run it. Select the "Write Image File to Disc" option. Select the ISO file as the source file and your CD/DVD burner as the destination. Burn the CD.

    I'd also suggest downloading TDSSKiller, Combofix, and Malwarebytes to your flash drive so you'll have them for later in case you need them. I'd always run them in that order as well (you may have to rename the installers for TDSSKiller and Combofix to some random name in order to get them to run, depending upon what rootkits might be on the infected machines -- some of them try to protect themselves by preventing known antivirus and antimalware software from running, which is why you have to rename the executable files).
     
    #12 Steltek, Dec 9, 2012
    Last edited: Dec 9, 2012
  13. AdvancedSetup

    AdvancedSetup Junior Member
