8 Replies Latest reply on May 21, 2012 1:50 PM by bonniejean

    Generic.dx!b2fv (Trojan)

      Hello - Starting Saturday, May 19, I started getting and continue to receive a McAfee message that says "Trojan Removed" but the message keeps coming back - it refers to Generic.dx!b2fv (Trojan) and says it is quarantined from C:\\WINDOWSInstaller\<and then a bunch of numbers and alpha).  It's like it's stuck there.

      • Right now I am not able to use my home computer to access content on the internet nor can I send email messages.  My modem is working but it goes into freeze mode when I try to access a web page.
      • System will not allow me to update the Malwarebytes (sp?) program.  Ran a scan with current version of Malwarebytes (sp) on my system but it says there is no problem. 
      • Did a full scan with McAfee on Saturday, May 21, and system said there was no problem but I also get red notices saying that my system is not protected so perhaps something is turning off my firewall? 
      • I've attached a "Hijackthis.log" from this morning but it's a PDF format because I had to copy and convert to PDF from other location in order to send. 
      • I would appreciate your assistance in helping me resolve this problem.  I cannot access from my home PC.  I need to access from a different location and computer.

       

       

      Thank you.

       

      bonniejean

        • 1. Re: Generic.dx!b2fv (Trojan)
          Hayton

          Have you tried using System Restore to go back a few days to before when this happened? It might be your best bet, although I would advise running scans afterwards with McAfee (which will probably need updating) and Malwarebytes.

           

          Edit - Looking at the HJT log I see you've got Java, Adobe Flash, and Adobe Photoshop installed. You should check all of those for updates, they're favourite targets for malware attacks. You also have something called "Adobe Active File Monitor" which on your system is at version 5.0 - the current versions are 8.0 and 9.0 - and, as it's needed for Photoshop, I would guess Photoshop is well out of date.

           

          I also see that you're running McAfee and Spybot together, with the TeaTime option enabled. If that's right, the two are going to clash badly - I know, I tried it once (and never again).  Keep Spybot for on-demand scans if you want, but switch off the real-time element (TeaTime).

           

          There are a few other programs on there and the advice is the usual for all of them: if you don't need them either uninstall them or prevent them from running at startup; if you do need them make sure they're up to date.

           

          Message was edited by: Hayton on 21/05/12 17:48:42 IST
          • 2. Re: Generic.dx!b2fv (Trojan)

            Hello Hayton -

             

            No I have not tried the system restore.  I don't know how to do that.

             

            But this might be why I keep getting multiple daily notices from McAfee to update.  I always update but it has seemed strange that I keep getting the notices.  Maybe my system isn't taking the updates?

            • 3. Re: Generic.dx!b2fv (Trojan)
              Hayton

              I would say that could be part of the problem.

               

              I added an extra section to the previous post about the HJT log - see if any of that helps.

               

              As for System Restore, it should be enabled on your system by default. What's your operating system (Win7, Vista, XP, other)?

              • 4. Re: Generic.dx!b2fv (Trojan)

                Thank you Hayton.  Sorry that I forgot to tell you my Operating System is XP. 

                 

                This is what I will do from my problem PC tonight when I get home.

                 

                Any suggestions re next steps if this does not fix the problem?

                 

                Thank you for your help.

                 

                • Set System Restore to go back a few days to before when this happened?
                • Update McAfee and run scan
                • Update Malwarebytes and run scan
                • Disable the "Tea Time" option; Keep Spybot for on-demand scans
                • Check Java, Adobe Flash for updates
                • Check Adobe Photoshop Elements for updates or uninstall.  "Adobe Active File Monitor" which on your system is at version 5.0 - the current versions are 8.0 and 9.0 - and, as it's needed for Photoshop, I would guess Photoshop is well out of date.
                • Check the Hijack This listing for other programs that are no longer used / needed and uninstall.

                 

                bonniejean

                • 5. Re: Generic.dx!b2fv (Trojan)
                  Hayton

                  Suggestions  : not yet. Try System Restore first (and the other things).

                   

                  In XP, if you've got it, bring up the Help & Support Center. There is a 'System Restore'  link there which brings up a dialog screen. Follow the instructions to select a Restore Point : available days to go back to are highlighted on a calendar. If you can restore your system then any recent Windows Updates and McAfee updates will need to be reloaded.

                  • 6. Re: Generic.dx!b2fv (Trojan)

                    Hello Hayton ...again thank you very much for the advice.  I will try tonight and see how it goes. 

                     

                    bonniejean

                    • 7. Re: Generic.dx!b2fv (Trojan)

                      For what it's worth, I've just started getting this message today, and the only difference between today and yesterday on my computer is that I had just installed SpyBot (with Teatime). Might be worth deactivating Teatime or uninstalling SpyBot before trying anything more radical!

                      • 8. Re: Generic.dx!b2fv (Trojan)

                        Hello dangermoose:

                         

                        Thank you.  I will try that.  It's just that the SpyBot (with Teatime) is not something new on my system.  I haven't made any changes to that setup for over 1 year so don't quite know why it would start acting up now.  But in any event, I am going to disable Teatime.  Thank you.

                         

                        bonniejean