Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Immediately after upgrading to Firefox 6.0, I got a trojan virus in a file called Motive Client.

more options

The virus is called Trojan Horse generic24.TSU. AVG spotted the virus and moved it to it's virus vault but the folder remains. Is this folder relative to Firefox?

The virus is called Trojan Horse generic24.TSU. AVG spotted the virus and moved it to it's virus vault but the folder remains. Is this folder relative to Firefox?

All Replies (3)

more options

my AVG software detected this same virus today; but i have *not* upgraded: i'm running 5.0

i think this has something to do w/ my ISP (at&t); one of the infected files was ATT-SST_Installer, which makes the second time i've gotten a trojan from ATT-identified tools; the first time was immediately after at&t auto-installed a wireless setup tool, which AVG later identified as a backdoor generic trojan

also, my google searches are being redirected on the "at&t powered by yahoo" server " -- even the mail link on my email account on this yahoo portal would redirect to at&t/yahoo search results http://search.yahoo.com/404handler?... with the same weird search terms inserted [i.e., 'us lrd yahoo! ahrc buy dale'] very consistently; now when it happens the search terms are 'my yahoo! mail' which at least make sense, but does not diminish my concern about/suspicion of this partnership

Modified by cjjenssen

more options

Thanks for your help. Your adventure seemed to be the same as mine so I called ATT - my carrier, as well - and they confirmed that the file Motive Client was one they installed to help us solve our problems without bothering their tech guys and I can delete it without a problem. Thanks again.

more options

Trojan Generic24 Removal tip

PLEASE NOTE: The latest versions of this trojan including generic24.cgol are extremely dangerous and if not stopped immediately may require a full re-install of Windows OS. Files and data may also be lost.

Generic 24 can infect FireFox, and creates a folder in C:\Documents and Settings\Username\Application Data\Mozilla with additional virus components. If Firefox has been infected (this happened to me)

  • Basic removal must be done in SAFE MODE!
  • Turn off system restore first!
  • run your AV software
  • Uninstall FireFox
  • Find the Folder Mozilla as mentioned and DELETE this folder
  • Edit Windows Registry to remove all references to Mozilla, Firefox and Generic24, and any other files the anti virus scan found!
  • Perform another Anti Virus scan

Re-install the best browser available: Firefox

If the virus is found in other folders - uninstall any applications associated with the folder, and proceed as above!

Please also read the supporting article links here - they will be updated as I get more info on this latest threat

Do not leave this virus - it will cause a lot of damage - it must be removed urgently

Supporting articles:

Early removal tips: http://graphiclineweb.wordpress.com/2.../trojan_generic24/

More information is also available on my website link text

I am will post further information and technical support articles as they become available on both my sites

Modified by graphiclineweb