Trojan Generic 10.xq

One of my family members has managed to infect his machine with, according to AVG Free, “Trojan Generic 10.xq”. AVG does not seem to completely remove the Trojan; I’ve also tried Ad-Aware 2007, which failed as well. Since I do not have physical access to the machine, it makes this entire process far more difficult for me.

Regardless, I have BOClean running on one of my machines and have been very happy with it, so I ran the “Covered Malware” report, and did not see this specific Trojan listed; how can I go about “reporting” this, other than what I am doing now, so this gets added to your list?

I can provide HiJackThis dumps or whatever else is needed.

Please advise.

Hi dhtroy, welcome to the forum :slight_smile:

The problem is that not every vendor gives the malware the same name. So if it is possible you would help us by sending the file :slight_smile:

You can email it to: malwaresubmit [ at ] avlab.comodo.com .
Specify in the subject line “Positive”.
Zip and password protect it with “infected” and include that information in the body.

Greetz, Red.

There is not a standard naming convention at this time so CBOC may call it something else.
Your best bet would be to install CBOC on the infected machine and see what happens after rebooting.

Your best bet for completely removing Malware on a PC is to run SUPERANTISPYWARE (FREE). It does take quite a long time to do its scan but helped me out prior to using CBOC and managed to completely remove every part of the Trojan. Doesn’t that computer have an antivirus?

(Self Edit) Sorry, the instructions I gave will not work.

Thanks to everyone for such quick responses. I am going to try to walk him through getting a copy of the DLL zipped up and Emailed to you all as outlined in the instructions.

To answer another question asked: “Yes”, this machine has Anti-Virus software (AVG Free). AVG did find the trojan in Yabxx.dll but oddly enough, if you delete or clean the trojan, it seems to come back. Ok, I say “oddly”, but obviously the trojan is hiding itself, has set up a service or runonce reg entry …

Here’s how it happened:

He called me, told me that AVG found a virus and put it in the vault. AVG could not heal the infected file, so I had him delete the file. Then I had him download Ad-Aware 2007, disconnect from the internet, and scan, then reconnect the machine to the internet, update, and scan again. Ad-Aware found two infected files and removed them. I then had him update and do a full scan using AVG again, and AVG found infected files again. At this point, realizing that the infection is not being removed from the machine, I had him shut the machine down, until I could do some more research into this Trojan. So that’s the point we’re at.

Try some online scanners like Nod32 and F-secure

I am just a regular person, not EricEgan Global Moderator Comodo’s Hero, but I too would cast a vote for SuperAntiSpyware. I have the paid version, and have used it for three years. Put it together with BoClean (they work together just fine) and add AVAST, and one’s computer is probably as protected as it is possible to be.

SAS has helped me in the past when I had a similar issue last year. This was even with running Antivir. Some malware are particularly difficult to remove. SAS is just good at finding any remaining fragments of the virus on your system.

It’s usually recommended that you turn off your System Restore as System Restore Files are often infected with previous malware. You can turn System Restore back on once you’ve completely removed the trojan.

Eric