Trojan horse Generic16.CIRC and Trojan horse Pakes

  morters 13:42 08 Mar 2010
Locked

Have been having problems with antimalware doctor (click here)

Related to the problem is Trojan horse Generic16.CIRC and Trojan horse Pakes which AVG sends tthe virus vault every 5 or 6 minutes but which when scanned for is not found. Have also scanned with Ad-aware, Trojan Remover and Spybot.

Am getting quite paranoid and will be mightily relieved to see the back of them!

  GaT7 14:07 08 Mar 2010

If BurrWalnut's suggestion doesn't help...

One of the most thorough ways to determine if your PC is still infected with anything is to run HijackThis (HT) click here. Then post the resultant log in a dedicated HT forum like click here (instructions before posting click here). They may ask you to run other free programs as well.

You can also do a quick DIY HT analysis via click here. Do NOT manually remove anything 'suspect' on your own, but rather ask for help on one of those forums. All the best with it. G

P.S. More HT related forums at click here (see left column)

  BurrWalnut 14:07 08 Mar 2010

1. First of all you have to stop the little devil from running. Rkill will stop all running processes, both legitimate programs and recognised nasties. By doing so, it will then allow you to run an ‘anti‘ program to remove the infection(s). There are 4 versions of Rkill; exe, com, scr and pif. Some malware may recognise the program and stop the exe version from running, if so try one of the others. If you can’t download it, save it to an external USB device using a different computer, then plug it in to the infected machine. It is small and doesn’t need installing.

Before running it, disable any anti programs that are running as they may see it as a threat. The program doesn’t delete anything, it just stops processes from running, corrects the registry and restarts Windows Explorer. It will take less than a minute to run and produces a log file showing which processes have been stopped. Now run Malwarebytes Anti Malware to remove the infection. Don’t restart the computer until the infection has been removed, as any processes that Rkill stops will be restarted when you restart the computer, including, of course, any nasties that haven‘t been removed. Read this, then download it from click here

2. Download the free Malwarebytes' Anti-Malware from click here Install it and follow the prompts but make sure ticks are placed next to ‘Update Malwarebytes' Anti-Malware’ and ‘Launch Malwarebytes' Anti-Malware’ then click Finish. If an update is found, it will download and install the latest version.

  morters 14:27 08 Mar 2010

Thanks, Crossbow7 and BurrWalnut, will see if I can follow your suggestions. Have already run Malwarebytes Anti-Malware and have run rkill.com. Should I try any of the other versions?

  BurrWalnut 14:58 08 Mar 2010

Do you mean try the other versions of Rkill? If so, there is no need as they all do the same thing.

Did Rkill work and produce a log of stopped processes? If so, were the Trojans listed as stopped?

Did you run MBAM after running Rkill? If not, run Rkill again (you can run it as often as you like) and immediately follow it up with MBAM.

  morters 15:16 08 Mar 2010

BurrWalnut

Yes, it produced a log but i don't remember if they were listed. To be honest, over the last three days I've tried so many things I'm very confused. I think I ran MBAM afterwards but, as I said, I'm a tad confused. I'm not sure, but I don't think I disabled all my other anti's. Will tey again. Thanks.

  morters 17:30 08 Mar 2010

Have attempted to disable all anti-virus/malware software and then ran rkill. Scan report showed nothing:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as John on 08/03/2010 at 16:33:33.


Processes terminated by Rkill or while it was running:


C:\Documents and Settings\John\Desktop\rkill.com


Rkill completed on 08/03/2010 at 16:33:37.

Ran Malwarebytes Anti-Malware just in case but, as expected, nothing found. It is possible I failed to disable anti programmes.

  morters 17:30 08 Mar 2010

Have attempted to disable all anti-virus/malware software and then ran rkill. Scan report showed nothing:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as John on 08/03/2010 at 16:33:33.


Processes terminated by Rkill or while it was running:


C:\Documents and Settings\John\Desktop\rkill.com


Rkill completed on 08/03/2010 at 16:33:37.

Ran Malwarebytes Anti-Malware just in case but, as expected, nothing found. It is possible I failed to disable anti programmes.

  morters 18:51 08 Mar 2010

am having great problems clicking on any links you give, Crossbow7

  GaT7 19:12 08 Mar 2010

Hmm, no problem opening any of the links here. G

  morters 19:41 08 Mar 2010

Crossbow7, you confirm my suspicions that the problem is with me, specially since I successfully downloaded the Hijackthis programme in the first place but afyerwards not the HJ forum or the instructions.

I'm afraid I'm going to have to take a break; as they say, this is doing my head in, and I can't think straight anymore. I'm going to give it a rest for tonight and hope that you'll be there tomorrow. Apologies and thanks for your help.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Galaxy Note 8 vs iPhone X

Awful clip art from 1994 is being tweeted every hour by a bot

How to update iOS on iPhone or iPad

Les meilleures applications pour enfants 2017