Skip to main content
Start a Conversation

This post is more than 5 years old

Solved!

Go to Solution

RCFetter

9 Posts

11840

August 8th, 2012 17:00

Win32 Downloader PKU [TRG] Virus or Malware

I use the free version of Avast in addition to Malwarebytes that I use on my Inspiron 14R - Windows 7.  This afternoon Avast started with pop-up warnings saying:

Trojan Horse Blocked. 

Infection:  Win 32 Downloader PKU [Trg] and 

Infection:  Win 32 Malware - gen

Action:  Moved to chest.

I ran Spybot and Malwarebytes.  They found and cleaned up some stuff but the pop ups keep coming. 

These warnings are popping up every 5 minutes or so.  I Googled  "Win 32 Downloader PKU [Trg] " and the only reliable site talking about the malware is a an Avast forum which recommends posting a long report, disabling Avast, downloading and running other software programs and so on.  The forum posts on the issue are very recent but what they are suggesting seems a a bit too complicated for me. 

Is this a serious issue and is there a an easier way to deal with  it.  I don't understand why it's only an Avast issue.  Can I do a restore or should I buy or use  some other anti virus software?  

Any advice would be appreciated.


ky331

3 Apprentice

 • 

15.5K Posts

August 8th, 2012 18:00

You really didn't include enough information (for example, the NAME of the files that avast detected).

"Malware - gen" might indicate a virus --- then again, it may simply be a "false positive" detection... especially if, as you asserted, "it's only an Avast issue".   (Which again stresses the need for you to procede carefully, getting proper analysis of YOUR particular situation.)

I believe I located the avast forum thread you're referring to.   One of the tools suggested there was ComboFix.   Be advised that ComboFix should NOT be run unless you are personally advised to do so, under the supervision of a malware removal expert.

Unfortunately, one-on-one Malware Analysis/Removal is no longer done at the Dell Forums.    

Instead, you should follow the directions at http://www.spywareinfoforum.com/index.php?showtopic=79038  to register and post the requested logs at SpywareInfoForum.com ; there are expert helpers there who can "walk you through" procedures to analyze your system, and clean-up the infection.   All help provided there is FREE.   If you decide to go for help there, please wait for a response, and do NOT attempt to run any other scans/removers on your own --- do exactly what they instruct you to do, no more, no less.
 
Good luck!

RCFetter

9 Posts

August 9th, 2012 13:00

Thanks ky.  The only other information I have is the file name which is c:/windows/assembly/GAC_64 Desktop.ini.  I'll take your advice and check out the SpywareInfoForum.

ky331

3 Apprentice

 • 

15.5K Posts

August 10th, 2012 17:00

RC,

I see that you have successfully posted at SpywareInfoForum:  http://www.spywareinfoforum.com/index.php?/topic/133987-infected-with-win32downloader-pkutrg-and-win32malware-gen/

They usually get to analyze logs and reply within 24 hours.   Please be patient.

I will just reiterate one point I made above:   do NOT attempt to run any other scans/removers on your own --- wait for their reply, and do exactly what they instruct you to do, no more, no less.   While it is tempting to try other things while you wait... and while you feel helpless... it can interfere with any plan that they'll eventually offer you.

If there's anything they tell you that you don't understand, ASK them to clarify.

EDIT:   I see that a helper has already arrived there. :emotion-1:   

Bugbatter

3 Apprentice

 • 

20.5K Posts

August 11th, 2012 12:00

Hi RCFetter,

You are in good hands at SpywareInfo Forums. Make sure you stay with your helper there until he gives you the "All Clear"  because a ZeroAccess infection can regenerate if all of it is not cleaned.

RCFetter

9 Posts

August 11th, 2012 14:00

Thanks Bugbatter and ky.  Your interest in my problem is greatly appreciated.

ky331

3 Apprentice

 • 

15.5K Posts

August 11th, 2012 14:00

We're following you through the conclusion of your issue.

As you can attest, major progress has been done already... you thought the problem had been entirely fixed.

Bugbatter is the resident malware-removal expert here... if she says there's more to be done, then by all means, go pursue it!

RCFetter

9 Posts

August 11th, 2012 14:00

Thanks again.  I know the issue is not resolved until confirmed.

ky331

3 Apprentice

 • 

15.5K Posts

August 21st, 2012 18:00

RC,

Good work.  Shows what following-through at a good Malware Removal site can accomplish :-)

Bugbatter

3 Apprentice

 • 

20.5K Posts

August 21st, 2012 18:00

That's what we like to see -- another resolution to a problem and another "happy camper"! :emotion-15:

NOTE: The issue has been resolved, so this thread is now closed.

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.

Everyone else who is having a similar issue, please begin a New Post at the top of the forum.

bradiane

14 Posts

February 2nd, 2014 11:00

I have the same problem and contacted the help desk explaining the problem but no one has called me back. How long will it take?

Bugbatter

3 Apprentice

 • 

20.5K Posts

February 2nd, 2014 14:00

I replied in your other topic. Two of us have referred to a site where you will find trained volunteers (which include Microsoft MVP's) to help you for free. Please read the replies in your topic HERE.

Was this post helpful?

View All

No Events found!

Top