Stubborn "Infection";"Trojan horse Pakes.CFZ" Help!

Discussion in 'Software' started by johndoe24, Mar 31, 2009.

  1. johndoe24

    johndoe24 Private E-2

    I apologize for the length of this post, but I’ve been trying to get rid of these Trojans without success for about a week now. AVG detected two Trojans on my system at that time and I chose to send them to the virus vault in spite of the fact that AVG warned that doing so could damage my system. Thinking this was handled by AVG, I was surprised later when two “Virus Removal Tool” folders appeared on my desktop. I tried to remove them, but they wouldn’t budge. It appears the Trojans are key loggers too, so I'm apprehensive about using the net until they are removed from my system. Here are the filenames:

    Folder 1. "Infection";"Trojan horse Pakes.CFZ";"C:\Documents and Settings\(my name)\Desktop\Virus Removal Tool1\is-5BR0Q\is-5BR0Q.exe";"";"3/27/2009, 7:11:26 PM"
    Folder 2. "Infection";"Trojan horse Pakes.CFZ";"C:\Documents and Settings\(my name)\Desktop\Virus Removal Tool\is-74G7H\is-74G7H.exe";"";"3/27/2009, 5:53:57 PM"

    I’ve taken the following steps so far, as of this morning (3/31/09):
    1. Ran Kaspersky from MG numerous times - nothing found relative to the Trojans
    2. Downloaded and ran SuperAntispyware, Malwarebytes, SpyBot S&D, Killbox and Panda Quick Remover from MG and again, nothing was found
    3. I picked one of the Trojan files and ran Killbox to try and get rid of it; however, Killbox stated the file was non-existent or something to that effect, meaning it couldn’t see it
    4. I used CCleaner to remove the Trojans from the Startup menu. They are apparently designed to install themselves in system startup every time a restart or boot up is done (perhaps, that's why I accumulated ten of them before installing Startup Monitor!)
    5. I installed Startup Monitor & Startup CPL, which was a good decision because a number of intrusions have been blocked by those programs
    6. I've also tried deleting random sub-components of the Trojan files in an effort to disable visibility from the authors’ viewpoint, but a message pops up saying that access is denied

    Any ideas? Thanks
     
  2. sexyandy81

    sexyandy81 MajorGeek

  3. oma

    oma MajorGeek

  4. johndoe24

    johndoe24 Private E-2

    Thanks All for your advice. Here's where things stand right now:

    - I downloaded Avira and ran a scan, but the program didn't see the Trojans; so, I tried uninstalling Avira using both CP and CCleaner, but got a message from both that the file was invalid or something along that line (I didn't write it down). Then, I decided to directly delete the program, hoping to get results. Uh-Oh! Now I'm unable to find Avira anywhere except for the icon on my desktop showing the AntiVirus Guard to be activated. A number of common adware pop-up warnings have appeared so far, which means Avira is still there - somewhere. I need advice on uninstalling this program.

    - Other issues: 1) AVG Resident Shield is being blocked and shows a Not Active status, even after I have uninstalled and reinstalled the program. 2) Windows Security is warning that No antivirus protection is on, so it doesn't see either AVG or Avira; 3) When I reboot the system and the start-up sequence gets to the point where "Windows Is Starting," it takes anywhere from 5 to 10 minutes before Windows actually starts.

    I've followed the MG "Malware Removal" protocol and am prepared to submit whatever information MG experts require to get this trojan issue resolved. Please advise. Thank you.
     
  5. johndoe24

    johndoe24 Private E-2

    Update: AVG identified the subject files as Trojans, and blocked them. The Trojans eventually got into AVG somehow and disabled the Resident Shield. I re-installed AVG a couple of times but the same thing would happen again. Every time I tried to delete any of the 10 folders that accumulated on my desktop, access would be denied. After a few days of fooling around with this stuff, I decided to attack it by renaming each of the 10 folders from “Virus Removal Tool” to some random set of keystrokes. I thought doing this would prevent the hacker’s programs from finding their own files and would allow me to delete them without incident. It worked and I was able to rid my desktop of all 10 folders; however, I soon found out that I wasn’t quite done yet! They had also installed themselves into startup and became embedded in SP3, corrupting it, of course. I used CCleaner to clean up startup and went to the Microsoft website and downloaded/reinstalled SP3. It cleaned up the corruption in the previous SP3 pack and things went back to normal. All the Trojans’ activities have now stopped and AVG is back as well. If anyone reading this post runs into the same type of problems, you may want to try renaming the files and then deleting them.
     
  6. johndoe24

    johndoe24 Private E-2

    This issue has finally been resolved. I unwittingly went off on a tangent a couple of days ago when AVG blocked Pakes.CFZ, identifying it as a Trojan. I found out today that this was actually a "false positive" that AVG has now corrected. Thanks everyone for your help.
     
