PDA

View Full Version : Trojan horse Generic 13.ATPH - Can't use any removal tools



Benis
2009-07-10, 17:24
Hiya,

My computer has been infected with

Trojan horse Generic 13.ATPH svchost.exe 1240
Trojan horse Generic 13.ATPH svchost.exe 1284
Trojan horse Generic 13.ATPH svchost.exe 1376
Trojan horse Generic 13.ATPH svchost.exe 1412
Trojan horse Generic 13.ATPH svchost.exe 1780
Trojan horse Generic 13.ATPH svchost.exe 271
Trojan horse Generic 13.ATPH explorer.exe 2336

which I have managed to find using AVG, even though in can't remove it.
It seems to be stopping me from opening programs such as SpyBot S&D, malware bytes, Smitfraud fix etc in both normal and safe mode so i can't seem to be able to get rid of it in any of the ways known to me.

Can you help?
Regards Ben

Blade81
2009-07-12, 21:21
Hi,


Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.



Download GMER (http://www.gmer.net) here by clicking download exe -button and then saving it your desktop:
Double-click .exe that you downloaded
Click rootkit-tab and then scan.
Don't check
Show All
box while scanning in progress!
When scanning is ready, click Copy.
This copies log to clipboard
Post log in your reply.

Blade81
2009-07-19, 11:44
Due to inactivity, this thread will now be closed.

Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.