Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pccguide.exe Infected. Safe To Delete?


  • Please log in to reply
5 replies to this topic

#1 Lunadriel

Lunadriel

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Always left of something
  • Local time:02:38 PM

Posted 10 January 2008 - 01:21 PM

I finally have PC-cillin reinstalled on my pc. I have been through hell with a bot that replicated hundreds of trogans onto my pc. It nuetered PC-cillin, so I couldn't load it. D: Then downloaded AVG7, HiJack This, and Sysclean to finally get rid of everything....so I thought. Went trough heck to uninstall AVG7, then uninstall PC-cillin, then reinstall PC-cillin. I did another scan and suprise! I had more trojans. >.>` Now, I log on again, and a virus opens with one of my system files, spits out two trojans in the process. Now that PC-cillin is operational, it caught the trojans and cleaned them. But, the virus is in PCCGUIDE.EXE and PC-cillin is unable to clean or quarantine the infected file.

Can I chunk it into file 13? In otherwords, delete it? I see that it's an exe file, which means I shouldn't touch it without asking first. Oh, and the orignal infection was in EXPLORER.EXE D: Evil!

Did I miss anything? ;p

Yes, the virus is PE_TRATS.A I only remember AGOBOT from before, but I know there was a worm and two other viruses aside from the bajillion trojans.

Edited by Lunadriel, 10 January 2008 - 01:23 PM.


BC AdBot (Login to Remove)

 


#2 Lunadriel

Lunadriel
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Always left of something
  • Local time:02:38 PM

Posted 10 January 2008 - 03:17 PM

So...I searched the file, and they are part of PC-cillin itself. There were six files total. I scanned them all individually and none showed a virus, yet PC-cillin just told me there was one. *so lost*

#3 nigglesnush85

nigglesnush85

  • Members
  • 4,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:38 PM

Posted 10 January 2008 - 03:37 PM

Hello,

You are correct, the file in question does belong to pccillin, it should be located at C:\Program Files\Trend Micro\Internet Security\pccguide.exe if you can find it here then it is probably a safe file. you might want to try a free online scan, http://www.pandasecurity.com/homeusers/solutions/activescan/ just to be safe.
Regards,

Alan.

#4 Lunadriel

Lunadriel
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Always left of something
  • Local time:02:38 PM

Posted 10 January 2008 - 05:01 PM

The second scan, it moved to the unlocker file. I'll try that site.

#5 nigglesnush85

nigglesnush85

  • Members
  • 4,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:38 PM

Posted 10 January 2008 - 06:10 PM

If no viruses were found on your system by the online scanner, then you might want to submit another hijack this log file, if it keeps replicating itself.

http://www.spywareinfo.com/~merijn/programs.php
http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/
Regards,

Alan.

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,272 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:38 PM

Posted 11 January 2008 - 12:29 AM

Anytime you come across a suspicious file or if you suspect a file may be a False positive, get a second opinion by submitting the file to jotti's virusscan or virustotal.com.
In the "File to upload & scan" box, browse to the location of the suspicious file and submit [upload] it for scanning/analysis.
Post back with the results of the file analysis.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users