Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Need Help with Trojan Generic29.AJGE

29 Apr 2013   #1
gloverjd

Windows 7 Ultimate
 
 
Need Help with Trojan Generic29.AJGE

I seem to have been invaded by a Trojan. (Name listed above) AVG detected it but cannot remove it. I get access denied when I request that it be removed. I think the affected program is explorer.exe since I get a message from AVG whenever explorer.exe is started. What to do, what to do. Any assistance is appreciated.

Thanks,
jdg


My System SpecsSystem Spec
.

29 Apr 2013   #2
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Download DDS from one of these links:
DDS.com
DDS.pif
  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt <--- will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your next post.
The scan will instruct you to post Attach.txt as an attachment.
My System SpecsSystem Spec
29 Apr 2013   #3
cottonball

Windows 7 Home Premium
 
 

gloverjd,

In addition to what Jacee requested, can you tell us what files/location AVG is reporting?

Also, please download RogueKiller:
Tlcharger RogueKiller (Site Officiel)

When you get to the website, go to where it says:
(Download link) Lien de téléchargement:
Select the version for your system: 32-bit or 64-bit (See Note below.)
Click the applicable dark-blue button to download.
Save to the Desktop.

Close all windows and browsers.

Right-click and select: Run as Administrator

At the program console, wait for the prescan to finish. (Under Status, it says: Prescan finished.)

Press: SCAN

When done, a report opens on the Desktop: RKreport.txt

Please provide the RKreport.txt (Mode: Scan) in your reply.
(Do not take action to fix anything, please!!)


Note:
You need to know if the infected computer is running a 32-bit or 64-bit system.
To find out, click: Start
Type System in the Start Search box
Click System in the Programs list.

The operating system is displayed as follows under System > System type:
64-bit Operating System
32-bit Operating System
My System SpecsSystem Spec
.


29 Apr 2013   #4
gloverjd

Windows 7 Ultimate
 
 

I think I have included everything asked for. The Word document contains three screen prints: One shows AVG blocking the threats. The other two are the infected programs - explorer.exe and RogueKiller64.exe. Hope you got the attachments; I did not insert them.

Thanks,
jdg


Attached Files
File Type: zip attach.zip (3.3 KB, 1 views)
File Type: txt dds.txt (18.4 KB, 3 views)
File Type: txt RKreport[1]_S_04292013_02d2056.txt (3.1 KB, 4 views)
File Type: doc Doc1.doc (148.5 KB, 6 views)
My System SpecsSystem Spec
29 Apr 2013   #5
cottonball

Windows 7 Home Premium
 
 

gloverjd,

Thanks for the additional info.

Let's press on with RogueKiller...

•Please quit all programs
•Right-click the RogueKiller file and select: Run as Administrator
•Wait until the Prescan finishes
•Press: Scan
•Once the scan is done, click the Registry tab.
•Make sure only the following entry is checked:

[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-1195105727-229723847-1802915304-1002\$77080bb8b6c592054498c15000827081\n) [-] -> FOUND

•Now, click the Files tab.

•Make sure the following four entries are checked:
[ZeroAccess][FILE] n : C:\$recycle.bin\S-1-5-21-1195105727-229723847-1802915304-1002\$77080bb8b6c592054498c15000827081\n [-] --> FOUND

[ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-21-1195105727-229723847-1802915304-1002\$77080bb8b6c592054498c15000827081\@ [-] --> FOUND

[ZeroAccess][FOLDER] U : C:\$recycle.bin\S-1-5-21-1195105727-229723847-1802915304-1002\$77080bb8b6c592054498c15000827081\U --> FOUND

[ZeroAccess][FOLDER] L : C:\$recycle.bin\S-1-5-21-1195105727-229723847-1802915304-1002\$77080bb8b6c592054498c15000827081\L --> FOUND

•Now, press the [Delete] button.

Please post the new RKreport (Mode: Remove) in your reply.
The report is created on the Desktop.
My System SpecsSystem Spec
29 Apr 2013   #6
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

cottonball

The .doc file was just an image of what AVG Found which was the viruses .
My System SpecsSystem Spec
29 Apr 2013   #7
cottonball

Windows 7 Home Premium
 
 

I know...got it opened.
My System SpecsSystem Spec
30 Apr 2013   #8
gloverjd

Windows 7 Ultimate
 
 

Did as you requested. The file from RogueKiller is attached.

Thanks,
jdg


Attached Files
File Type: txt RKreport[1]_S_04302013_02d0706.txt (2.8 KB, 3 views)
My System SpecsSystem Spec
30 Apr 2013   #9
cottonball

Windows 7 Home Premium
 
 

The last report is Mode Scan, and nothing happened there, other than showing the entries.

Is there an RKreport (Mode: Remove) or (Mode Delete) somewhere on the Desktop?
It shows what was removed/deleted.
My System SpecsSystem Spec
30 Apr 2013   #10
gloverjd

Windows 7 Ultimate
 
 

Oops, my bad. I didn't close enough. I think the attached is what you are looking for. I've also noticed that AVG has not reported a threat since these entries were removed.

Thanks,
jdg


Attached Files
File Type: txt RKreport[2]_D_04302013_02d0711.txt (2.9 KB, 4 views)
My System SpecsSystem Spec
Reply

 Need Help with Trojan Generic29.AJGE




Thread Tools





Similar help and support threads
Thread Forum
Trojan called 'Trojan.Generic.2582177' on my system
Hi, I have Window7 Ultimate 64 bit on my system. I use Bitfender as my antivirus software. This morning it informed me that it has found a file infected with a virus called 'Trojan.Generic.2582177' which it cannot clean. I've contacted Bitfender to see if they know what I should do but haven't...
System Security
Need to remove Trojan Generic29.AJGE
When I turn on my computer I get a pop up saying AVG detected Generic29.AVGE Its located in c:\Recycle.Bin\s-1-5-21-31044135-224... I've downloaded DDS and Rouge Killer. Here are my reports...
System Security
Need some help got a trojan
Hello, First off sorry if this is in wrong area. My parents have got a trojan ( Smart internet protection) even tho they was protected using Mcafee internet security. Anyways, when i tried to open mcafee to run a system scan it would not let me. I don't know any thing about what to do, i have...
System Security
trojan
so i was downloading a file off the internet and i got a lovely little trojan, i ran norton on it and it didnt detect it, and every time i tried to open bittorrent or google chrome microsoft like security advisor or something said that it could not open because of the trojan and it advised me to...
BSOD Help and Support
Trojan:Win32/FakeSpypro & Trojan:JS/FakeSpypro
A little help,please.Got this trojan earlier.It disabled MSE,MBAM,Internet,CCleaner,and pretty much anything .exe.Claimed everything was infected...so says whatever fake AV program that came with it.(I wish I could figure out how to use the indention tool here)I had to restart,open task manager...
System Security
Trojan, Please HELP!!!
Well, I’m a little embarrassed to say, I’ve been hit with a rather nasty Trojan. McAfee detected it right away, and I told it to quarantine the junk, and I assumed it had… until IE kept opening with random junk pages I didn’t prompt it to open. :mad: I therefore, did not write down the name of...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 16:47.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App