Home > Trojan Horse > Trojan Horse Rootkit-Pakes.U Trojan On My Atapi.sys

Trojan Horse Rootkit-Pakes.U Trojan On My Atapi.sys

I try to use malwarebytes and is says its clean.. Press any key to exit...) in your next reply.-------------------------------------- Go to > Run..., then copy and paste this command into the open box: cmdClick OK.At the command prompt C:\>, copy and I will definately recommend your site to others who are encountering problems with removing viruses. Finally turn back on your computer.

March 31, 2009 16:46 Re: Update fails #9 Top jennie Senior Join Date: 31.3.2009 Posts: 30 To clarify about my this contact form

You need to use Internet Explorer 6, Internet Explorer 7, or Firefox 3 ... Disruptive posting: Flaming or offending other usersIllegal activities: Promote cracked software, or other illegal contentOffensive: Sexually explicit or offensive languageSpam: Advertisements or commercial links Submit report Cancel report Track this discussion Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, Please refer to our CNET Forums policies for details.

they say that this site can help me fix my problem. Please advise how to proceed next to remove this infection. I've followed the instuctions in the "Malware and Spyware Cleaning Guide" and have run all files as directed and have saved the logs. to Finished!

  1. First Steps link at the top of each page. ------------------------------------------------------ Please follow our pre-posting process outlined here: http://www.techsupportforum.com/f50/...lp-305963.html After running through all the steps, you shall have a proper set of
  2. Open My Computer.
  3. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dllO3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dllO3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF}
  4. i found this threat in my computer \"C:\\WINDOWS\\system32\\drivers\\atapi.sys\";\"Tr ojan horse Rootkit-Pakes.U\";\"Object is white-listed (critical/system file that should not be removed)\".
  5. one cleaned and still one to go.....
  6. Previously had AVG 7.5 free with no trouble to update automatically regularly.
  7. caligirlv Back to top BC AdBot (Login to Remove) BleepingComputer.com Register to remove ads #2 garmanma garmanma Computer Masochist Staff Emeritus 27,809 posts OFFLINE Location:Cleveland, Ohio Local time:01:33 AM
  8. There's a sticky at the top of this forum, and a Quote: Having problems with spyware and pop-ups?
  9. Several functions may not work.

Similar Topics Trojan horse Pakes.U and Dialer.bzb Sep 3, 2006 Trojan horse Pakes.U Sep 5, 2006 Trojan Horse Pakes.U & Dialer.28.A Sep 3, 2006 Trojan Horse pakes.u, dialer.bzb, and generic.wue Aug Log in with Facebook Log in with Twitter Log in with Google Your name or email address: Do you already have an account? According to numerous scan warnings, my machine is infected with rootkit-pakes.u, in the following file: C:\WINDOWS\system32\drivers\atapi.sys This trojan was first detected by AVG Free on Saturday October 14, when it entered Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account?

Your cache administrator is webmaster. The problem is also detected by MalWareBytes. Please post them in a new thread, as this one shall be closed. Turn off any router or hub that your computer may be plugged into. 3.

Username or email: I've forgotten my password Forum Password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Community Forum Join the community here. by Marianna Schmudlach / January 13, 2010 2:12 AM PST In reply to: Windows 7 Trojan horse Rootkit-Pakes.U C:\WINDOWS\system32\d running an on-line scan:http://www.f-secure.com/en_US/security/security-lab/tools-and-services/online-scanner/... Click Yes to confirm.

but when i scan with virustotal.com, it detects a trojan... It will remove all the programmes we have used plus itself. Thanks again for your help and advice! Ask a Question See Latest Posts TechSpot Forums are dedicated to computer enthusiasts and power users.

I've attached the log file from Malwarebytes, for your review. http://gsdclb.org/trojan-horse/trojan-horse-rootkit-pakes-u-infected-on-xp.php Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Jump I have uninstalled Ashampoo Firewall and reloaded. When the fix is completed a message box will popup telling you that it is finished.

Turn off system restore, and turn it back on. Edited 1 times. Sign In Sign Up Browse Back Browse Forums Guidelines Staff Online Users Members Activity Back Activity All Activity My Activity Streams Unread Content Content I Started Search Malwarebytes.com Back Malwarebytes.com Malwarebytes http://gsdclb.org/trojan-horse/trojan-horse-rootkit-pakes-u.php thanks....

ERROR The requested URL could not be retrieved The following error was encountered while trying to retrieve the URL: Connection to failed. Under the Hidden files and folders heading select Do not show hidden files and folders. To fix these types of problems, download the util mentioned below.

It ran it's process, then rebooted to clean up.

Several functions may not work. Please re-enable javascript to access full functionality. If asked to restart the computer, please do so immediately.Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with one cleaned and still one to go.....

Everyone else please begin a New Topic. 0 Back to Virus, Spyware, Malware Removal · Next Unread Topic → Similar Topics 2 user(s) are reading this topic 0 members, 2 guests, Read http://forums.avg.com/ww.avg-free-forum?sec=thread&act=show&id=371, provide all of the information mentioned in that post so that we may help you properly. Spybot resident usually on but makes no difference if switched off Previously had AVG 7.5 with no troubles at all Allowed AVG 8 Free to uninstal 7.5 March 31, 2009 his comment is here The time now is 10:33 PM. -- Mobile_Default -- TSF - v2.0 -- TSF - v1.0 Contact Us - Tech Support Forum - Site Map - Community Rules - Terms of

Attached Files 02242010_163915.txt 5.23KB 53 downloads 0 #6 Bob22193 Posted 24 February 2010 - 06:34 PM Bob22193 New Member Topic Starter Member 4 posts Ok, Malwarebytes has finished running. "The scan Please try the request again. Therefore believe there must be some conflict between AVG8 and Ashampoo Firewall. XPNow to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. Ask a question and give support. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Download Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P1.dllO2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}

Login now. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended. Also verify your firewall permissions as stated in this http://free.avg.com/ww.faq.num-1334. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Terms of Use Privacy Policy Licensing Advertise International Editions: US / UK India CNET Reviews Best Products Appliances Audio Cameras Cars Networking Desktops Drones Headphones Laptops Phones Printers Software Smart Home