Spyware, Viruses, & Security forum

General discussion

Trojan horse Adload_r.AKC

by N.T.Gray / August 30, 2010 10:55 PM PDT

I'm running a Dell Dimension 4600 with WinXP SP3, and AVG 9 anti-virus.
The AVG detected some Trojans but can't fix them. Here is what the scan results look like:

C:\WINDOWS\System32\svchost.exe (1092):\memory_001a0000;"Trojan horse Adload_r.AKC";"Object is inaccessible."
C:\WINDOWS\System32\svchost.exe (1092);"Trojan horse Adload_r.AKC";""
C:\WINDOWS\system32\csrss.exe (644):\memory_00270000;"Trojan horse Adload_r.AKC";"Object is inaccessible."
C:\WINDOWS\system32\csrss.exe (644);"Trojan horse Adload_r.AKC";""
C:\WINDOWS\Explorer.EXE (1056):\memory_001a0000;"Trojan horse Adload_r.AKC";"Object is inaccessible."
C:\WINDOWS\Explorer.EXE (1056);"Trojan horse Adload_r.AKC";""

AVG 9, Malwarebytes, and Spybot Search & Destroy all fail to fix it.

Can anybody tell me what these things do, and how to get rid of them? (There is no obvious effect, but of course I don't want to fill in any personal information forms while they are in there.)

*

Discussion is locked
You are posting a reply to: Trojan horse Adload_r.AKC
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Trojan horse Adload_r.AKC
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
http://forums.cnet.com/5208-6132_102-0.html?messageID=336655
by Snowball2010 / August 30, 2010 11:57 PM PDT

you can easily find the virus details - there's plenty of info around the internet - to remove it you just need to concentrate on 'seek and destroy" strategy.

run msconfig, go to startup and services tabs - check what's suspicious, clean registry from re-directions; scan with antivirus to check what files are infected and if you can't fix them - re-place them.

you can hook up the infected HDD to healthy pc if virus removal on the original pc gives you a message 'access denied' to infected file and sort it that way

Collapse -
I'm sort of following you, but. . .
by N.T.Gray / August 31, 2010 12:34 AM PDT

I'm not afraid to go under the hood, provided that I've got good step-by-step instructions. I'm an intermediate user, not advanced. A little expansion on your instructions, or a web link with more detailed instructions, would be helpful. Especially if you've got more detailed info on the trojan in question. (Found a little on the web about it, but mostly discussions about it in other forums. Haven't found anything yet regarding what it is and what it does.)

Or, even better, is there an AV program out there that will kill this?

*

Collapse -
re: I'm sort of following you, but. . .
by Snowball2010 / August 31, 2010 1:09 AM PDT

I'd not advise to use any advertised programs for a removal of a specific malicious soft/w - sometimes you may come across a message for a small few /you must pay/ 'our' so called engineer will connect to your come to help you out.
Dealing with viruses/spy/w removal on my own comp taught me Malwarebytes can't help neither CCleaner apart from creating backup of the registry if something goes wrong.
it's not the type of "click and gone" procedure to remove a virus or malware - at least not in 100% situations.
some of the antiviruse softwares (even 100% prepaid/versions) with fully updated data base will remove it but surely should be able to detect it.
sorry that i can't provide you with step-by-step instructions or a good link how to do it - it's just not possible as sometimes you'd need to just play around.
few tips that might help:
- find what files are infected ->try to run AV on them and if that not help or they are protected by the system run comp in safe mode and try again - if again impossibble make a copy of the file clear with antivirus - and replace it in safe mode or by connecting HDD to a health comp in last instance
- clear registry with anything found - make sure you keep restore copy of the registry - run regedit and search for the name of malware file name and data entries - clear those manually
- run msconfig to see if any software runs at startup or else that you do not recognize - if you not sure look up on the internet what the file does (http://www.processlibrary.com or other websites)
- look for any folders/files created by the virus/malware on your comp (win folder, docs&settings folders - you'll see any path in msconfig or regedit keys) and change their main 'folder/files' names or move to other folder/place - restart your comp in normal mode, then see if they were renewed - that should give you a clue if the source is still sitting somewhere on your comp until you were successful - good luck

Collapse -
EOlmarikRemover.exe ?
by N.T.Gray / August 31, 2010 12:41 AM PDT

I have found a reference to a malware removal tool called EOlmarikRemover.exe that supposedly will deal with my trojan.

Do you anybody know anything about this? Is it legit? Is it reliable?

*

Collapse -
(Free) Reliable Tools: Trojan removal
by Brechan / August 31, 2010 1:19 AM PDT
In reply to: EOlmarikRemover.exe ?
Collapse -
This one worked!
by N.T.Gray / August 31, 2010 2:59 AM PDT

I checked around, and Hitman Pro seemed legit. It was reviewed on PCMag, and was downloadable from CNET, so I gave it a try. Then I recheked with AVG. Trojan all gone!

Thanks, Brechan!

NTG

Collapse -
Happy to hear
by Brechan / August 31, 2010 3:28 AM PDT
In reply to: This one worked!

that all the problems are gone (hopefully for good), and it's always good to get replies with (positive) feedback Happy

B.

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!