PDA

View Full Version : Trojan horse Downloader.Generic.KYL



Prophets21
2005-12-23, 04:14
I have tried elsewhere and searched google far and wide but alas, I cannot remove this god awful thing.

It resides in my Temp folder in my main user account.

I have 6 instances of it dated today and yesterday, all 8.17kb in size. They are named randomly with numbers for names, E.G. 12345.exe.

AVG detects it and deletes it, but it comes back within a couple of hours or so.

Here is a HJT log:

http://home.btconnect.com/dj_origin/hijackthis.log

LonnyRJones
2005-12-25, 01:25
Hello

Lets try one or preferably both of these online scan

TrendMicro™ HouseCall Java Scan

Please go HERE (http://www.trendmicro.com/hc_intro/default.asp) to run the Trend Micro™ HouseCall Scan.
Click Scan now. It's free!
Read and put a Check next to Yes I accept the terms of use.
Click the Launching HouseCall>> button.
If confirmed that HouseCall can run on your system, under Using Java-based HouseCall kernel click the Starting HouseCall>> button.
You may receive a Security Warning about the TrendMicro Java applet, click YES.
Under Scan complete computer for malware, grayware, and vulnerabilities click the Next>> button.
Please be patient while it installs, updates, and scans your system.
Once the scan is complete, it will take you to the summary page.
Under Cleanup options, choose clean all detected infections automatically.
Click the Clean now>> button.
If anything was found you will prompted to run the scan again, you can just close the browser window.


Computer Associates eTrust AV Web Scanner: http://www3.ca.com/virusinfo/virusscan.aspx
select all drives, scan, Try to cure/repair, if it cannot choose delete! If it cannot delete tell us the files names and locations.
If there are any problems post there report's back here.

tashi
2005-12-28, 16:17
Prophets21, do you still need assistance?

tashi
2005-12-30, 18:46
Due to lack of a response this topic will be archived.
If you need it re-opened please send a message to myself or Lonny with a link to this thread.