Trojan Horse Generic6.aeph Removal

Status
Not open for further replies.
Hello all,

I am in need of some assistance. I have obtained the trojan horse shown in the title and am unable to remove it. AVG flags the trojan upon every restart. I've done multiple scans with AdAware, SpyBot, AVG, & VundoFix.

Attached is my HijackThis file...

Any assistance is much appreciated. Thanks in advance.
 
Hi GoBroncos,

Please follow all the steps HERE and post the three requested logs as attachments.

Also get HJT to fix these entries:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portal.ehana.com/kapu.aspx?ReturnUrl=/
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: 0 - {F04C5295-D55A-4FB4-119C-3C46464F6E05} - C:\Program Files\Windows Media Player\wohutapuj909.dll (file missing)
O20 - Winlogon Notify: opnmlif - opnmlif.dll (file missing)
 
Thanks for the quick response. I will go through the instructions.

Looking at previous posts on this trojan, I found a suspicious file in my log that looks similar to some of the other situations....

O4 - HKCU\..\Run: [Rzmc] C:\WINDOWS\system32\?asks\??chost.exe

I will not take any action until I complete all the steps requested, but I just wanted to throw that out there.
 
GoBroncos said:
O4 - HKCU\..\Run: [Rzmc] C:\WINDOWS\system32\?asks\??chost.exe

I know about that, but it's in the system32 folder, so we'll go through the 15 steps first and see what comes up in those and what is gotten rid of.

Just a quick note: when doing the AVG antispyware step, make sure that you follow the instructions in the guide exactly. It is very important to have the files quarantined and the log posted.

Good luck and if you have any questions then just ask.
 
That is ClickSpring/PurityScan. We can remove it manually after you have done the 15 steps. It's actually been very common lately. It seems easy to remove, but the problem with it is that it downloads additional malware, so it's a good idea to get it off.
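
The following is an added example, not part of the original thread: a small triage script that reads the HijackThis entries quoted above and flags the two patterns the posters point at, orphaned entries (`(no file)` / `(file missing)`) and file paths containing `?`. The flag names are my own, and treating `?` in a path as a character the log could not render is an assumption.

```python
import re

# Sample lines copied from the HijackThis entries quoted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portal.ehana.com/kapu.aspx?ReturnUrl=/
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: 0 - {F04C5295-D55A-4FB4-119C-3C46464F6E05} - C:\Program Files\Windows Media Player\wohutapuj909.dll (file missing)
O20 - Winlogon Notify: opnmlif - opnmlif.dll (file missing)
O4 - HKCU\..\Run: [Rzmc] C:\WINDOWS\system32\?asks\??chost.exe
"""

# Section code (R0, O2, O20, ...) followed by " - " and the entry body.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Drive-letter path up to the first .exe/.dll; '?' is allowed so that
# unrenderable characters inside the path are captured, not skipped.
PATH_RE = re.compile(r"[A-Za-z]:\\[^\r\n]*?\.(?:exe|dll)", re.IGNORECASE)


def triage(log_text):
    """Return flagged entries as dicts: code, flags, path, raw line."""
    findings = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue  # blank line or non-entry text
        body = match.group("body")
        path_match = PATH_RE.search(body)
        path = path_match.group(0) if path_match else None
        flags = []
        # Registry entry still present, but the file it points to is gone.
        if "(file missing)" in body or "(no file)" in body:
            flags.append("orphaned")
        # Assumption: '?' marks a character the log could not render,
        # so the real file name differs from what is displayed.
        if path and "?" in path:
            flags.append("masked-chars")
        if flags:
            findings.append({"code": match.group("code"), "flags": flags,
                             "path": path, "raw": raw.strip()})
    return findings


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(item["code"], ",".join(item["flags"]), item["path"] or "-")
```

The `?` in the R0 start-page URL is not flagged, because only drive-letter file paths are checked for masked characters.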
 