Trojan Horse Generic6.aeph Removal

By GoBroncos
Mar 7, 2008
Topic Status:
Not open for further replies.
  1. Hello all,

    I am in need of some assistance. I have obtained the trojan horse show in the title bar and am unable to remove it. AVG flags the trojan upon every restart. I've done multiple scans with AdAware, SpyBot, AVG, & VundoFix.

    Attached is my hijackthis file...



    Any assistance is much appreciated. Thanks in advance.
  2. kritius

    kritius TechSpot Guru Posts: 2,087

    Hi GoBroncos,

    Please follow all the steps HERE an post the three requested logs as attachments.

    also get HJT to fix these entries,
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portal.ehana.com/kapu.aspx?ReturnUrl=/
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: 0 - {F04C5295-D55A-4FB4-119C-3C46464F6E05} - C:\Program Files\Windows Media Player\wohutapuj909.dll (file missing)
    O20 - Winlogon Notify: opnmlif - opnmlif.dll (file missing)
  3. GoBroncos

    GoBroncos Newcomer, in training Topic Starter

    Thanks for the quick response. I will go through the instructions.

    Looking at previous posts on this trojan I found a suspicious file in my log that looks similar some of the other situations....

    O4 - HKCU\..\Run: [Rzmc] C:\WINDOWS\system32\?asks\??chost.exe

    I will not take any action until I complete all the steps requested by I just wanted to throw that out there.
  4. kritius

    kritius TechSpot Guru Posts: 2,087

    I know about that but its in the system32 folder so we'll go through the 15 steps first and see what comes up in those and what is gotten rid of.

    Just a quick note, when doing the AVG antispyware step make sure that you follow the instructions in the guide exactly it is very important to have the files quarantined and the log posted.

    Good luck and if you have any questions then just ask.
  5. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    That is clickspring/Purity scan we can remove it manually after you have done the 15 steps - it's actually been very common lately, seems easy to remove but the problem with it is that is downloads additional malware, so good idea to get it off
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.