• Announcements

    • Andrew Browne

      Support for other products than adaware, ad block and Web Companion

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock


      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/

Sign in to follow this  
Followers 0
Benderus

Problems With Generic 4 Trojan

4 posts in this topic

Go to http://www.bleepingcomputer.com/submit-mal....php?channel=13 and enter the following:

 

Link to topic where this file was requested: http://www.lavasoftsupport.com/index.php?showtopic=9378

Browse to the file you want to submit: C:\Programmi\Toolbar\like_googlenew1.1a.dll

Leave any comments, further information about this file, or contact information: CLSID Toolbar: 25F97EB4-1C02-45BA-BA0C-E67AACE64D4A

BHO: 1D09A743-00ED-4713-BCC4-32D590D1087A

 

After that, clck on 'Send'.

 

Finally, post a new fresh hijackthis log here as your next answer. (Please not as an attachement.)

Share this post


Link to post
Share on other sites

Thank you for uploading the file; however, unfortunately it was not the one requested.

 

You uploaded a TFRC.tmp file, which is indeed malware (Trojan.Win32.Agent.ahp), but the one we'd like to have a look at was C:\Programmi\Toolbar\like_googlenew1.1a.dll

 

Could I please ask you to find and upload that one as well?

 

Thanks a lot for your cooperation! :wub:

Share this post


Link to post
Share on other sites

This time you picked the right one, but unfortunately it was a 0 byte file, which usually means your antivirus may be blocking it, or the file may be in use by another application.

 

Let's try it this way:

 

Please download Killbox.

Click killbox.exe.

Select the option "Delete on reboot".

Click the button: Single File (!important!)

 

Next, copy the following bold line:

 

C:\Programmi\Toolbar\like_googlenew1.1a.dll

 

Open 'file' in the killboxmenu on top and choose Paste from clipboard

 

Then press the button that looks like a red circle with a white X in it.

Killbox will tell you that all listed files will be removed on next reboot and asks if you would like to Reboot now, click YES

If you don't get that message, reboot manually.

 

Your computer should reboot now. The file in question will have been moved into a newly created folder called C:\!Killbox

 

 

Once it has rebooted, go back to http://www.bleepingcomputer.com/submit-mal....php?channel=13 , browse to that C:\!Killbox folder , Highlight that folder, then press "Send File', in order to submit it.

 

 

Much appreciated! :)i

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0