Folder AVG Forums » Other topics » Virus Removal, Tools for Removing » Trojan Horse Generic27.AFYF.Dropper
March 9, 2012 15:13 Trojan Horse Generic27.AFYF.Dropper #195024
Reply with Quote | Quick Reply | Top
Tarquin75

Avatar

Novice
Join Date: 9.3.2012
Posts: 4
Hi,

About a week ago I got some viruses that I knew about straight away. There was a windows command processor virus and AVG picked up several Win32/Heur in C:\root ( root is some software) and C:\SWSetup. AVG couldn't remove everything so I ran MalwareBytes which seemed to pick up and remove some bits of malware and I stopped getting the command processor popups and AVG stopped detecting threats and a full scan showed nothing.

Today AVG suddenly detected several Trojan Horse Generic27.AFYF.dropper threats all over my C drive. It removed almost all apart from some in C:\Python27 where it said 'Object inaccessible'. Should I be worried and is there anything else I need to do to clean my computer? I am currently running a full scan of MalwareBytes to see if there is anything else. I see that AVG updated itself last night to virus DB 2113/4858.

I am using AVG free 2011. The virus database is currently 2113/4858. I am running Windows 7, updated a couple of days ago.

Many thanks
March 9, 2012 17:50 Re: Trojan Horse Generic27.AFYF.Dropper #195041
Reply with Quote | Quick Reply | Top
Dusan Obert

Avatar

Administrator
Join Date: 12.8.2009
Posts: 1595
Hello Tarquin75,

As the objects are inaccessible, please try to run full system scan in safe mode.

If there are still any objects not removed, provide us with scan results export.

Also attach both GMER outputs so we can make sure that there is no active undetected infection present.

Thank you
___________________AVG TeamHow-To articles | FAQ | Free SupportWe Protect Us
March 12, 2012 03:05 Re: Trojan Horse Generic27.AFYF.Dropper #195163
Reply with Quote | Quick Reply | Top
Tarquin75

Avatar

Novice
Join Date: 9.3.2012
Posts: 4
I could not get GMER to do a full scan without crashing. I tried both the latest version and 114; I could not find a download for an older version. I have attached the output from the autostart scan. I also did a full avg scan in safe mode (log attached) which did not find anything but a day later when I did a scan in regular windows it found 258 of these trojan threats and removed them all. I am pretty sure there is still something lurking in my computer.

Many thanks
March 12, 2012 12:37 Re: Trojan Horse Generic27.AFYF.Dropper #195185
Reply with Quote | Quick Reply | Top
nemethste

Avatar

Administrator
Join Date: 1.11.2011
Posts: 1730
Hello Tarquin75,

Are you still experiencing issue with inaccesible file? You may use Gmer file manager in order to remove it.

Without Gmer Anti-rootkit scan results it is difficult to say where the rootkit may be hiding (if there is any), but many of them are using master boot record as their hideout. Restoring master boot record in offline mode may help, but please note that this is only a wild guess and even when there is no infection it will not do any harm to the computer.

Right after the MBR is restored, please scan your computer with updated AVG Rescue CD.

After all above mentioned procedures are done, please provide us with new Gmer and AVG scan results so we can confirm that your computer is clean.

Thank you.
___________________AVG TeamHow-To articles | FAQ | Free SupportWe Protect Us
March 21, 2012 00:19 Re: Trojan Horse Generic27.AFYF.Dropper #195808
Reply with Quote | Quick Reply | Top
Tarquin75

Avatar

Novice
Join Date: 9.3.2012
Posts: 4
Hi,

Thank you for the replies, much appreciated. I am afraid I ended up formatting and reinstalling windows. I got a bit paranoid, especially as I couldn't get gmer to run properly and avg kept picking up new threats. I figured it would save a lot of time, effort and worry to just bite the bullet and format.

Thanks again
March 21, 2012 08:38 Re: Trojan Horse Generic27.AFYF.Dropper #195818
Reply with Quote | Quick Reply | Top
nemethste

Avatar

Administrator
Join Date: 1.11.2011
Posts: 1730
Hello Tarquin75,

Formatting hard drive and re-installing Windows is sometimes one of the best solutions, in the case when infection damages system severely.

Thank you for posting back.



AVG Team
How-To articles | FAQ | Free Support