Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible Virus?


  • Please log in to reply
10 replies to this topic

#1 AARP

AARP

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:56 AM

Posted 17 October 2007 - 06:56 PM

Hello guys,
When I told my friend on another forum about the problem I am having, he directed me to you. Okay, so here's my problem:
About a month and a half ago I was going to run a routine AVG scan. I repeatedly clicked the icon with the program not running. I went into add-or remove programs and found that my AVG had been uninstalled. Immediately thinking I had been infected I redownloaded AVG and tried to reinstall it. Here is the error I get midway through installation:Local machine: installation failed
Installation:
Error: Action failed for file avg7core.sys: starting service....
Insufficient system resources exist to complete the requested service. (1450)
Warning: Action failed for registry value HKLM\SOFTWARE\Classes\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}:409: creating registry value....
Access is denied. (5)
Rollback:
Error: Action failed for registry value HKLM\SOFTWARE\Classes\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}:409: restoring registry value....
Access is denied. (5)
Error: Action failed for file avg7core.sys: starting service....
Insufficient system resources exist to complete the requested service. (1450)
I let it go for awhile because I thought nothing of it. But then one day when I got on I discovered my Windows firewall had been turned off. Ever since then my programs have been getting corrupted one-by-one and slowly. I installed both Avast and Norton and they cannoth seem to pick it up. Can you guys help me before I have to reformat?
Thanks,
AARP

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:56 AM

Posted 17 October 2007 - 07:42 PM

You may be six weeks late in getting help.
First get rid of all antivirus programs. Find the AVG.EXE file and double click on it. At that point you should be offered a chance to install or uninstall. Choose uninstall. If there are more than one AVG.EXE files, choose the latest first to run the uninstaller.
Next, assuming you have XP, go into safe mode and go to the Add/Remove list and uninstall any other Antivirus programs that are there.

When you post back, let us know what OS you have and if you have run any tests on your hardware especially the HD.

If you can still install programs you should try Super Antispyware.
Install Super Antispyware free. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Are you still without a firewall?

How to Start Windows in Safe Mode:
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/

Edited by buddy215, 17 October 2007 - 07:44 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 AARP

AARP
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:56 AM

Posted 17 October 2007 - 09:09 PM

Ok, I am on the family computer typing this. I followed what you said and it is currently in safe mode and super antispyware is running. Currently it has found "Trojan.ZenoSearch" and "Trojan.System32" along with various tracking cookies. I'll keep you guys updated while it is scanning.

#4 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:56 AM

Posted 17 October 2007 - 09:57 PM

Check your Add/Remove programs for ZENO and any thing related to ZENO. Try uninstalling them.

Please answer the questions in my first post.

Do a complete scan of your computer using Dr. Web Cureit. Read the instructions in the link carefully.
http://download.drweb.com/drweb+cureit/

Remove temporary files, logs, cookies, etc. by using Ccleaner. Do not use "Advanced Settings" or the "Issues" button. Use only the default settings. http://www.ccleaner.com/
During the installation you will be offered the Yahoo Toolbar. Be sure to UNcheck if you don't want it.

Edited by buddy215, 17 October 2007 - 10:07 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 AARP

AARP
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:56 AM

Posted 18 October 2007 - 12:01 AM

I installed and ran ccleaner and it got rid of a crapload of stuff. Dr.Web CureIt's FTP is down right now so I guess I'll DL it in the morning. I quarantined and deleted those two trojans with super anti spyware. After that I ran it again in both safe and normal modes and it didn't pick up anything. I also disabled system restore after that and then re-enstated it. Looks like i should be on the path to recovery. Anything else I should do?
P.S., I turned my Windows firewall back on once I discovered it and it's been on ever since.

#6 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:56 AM

Posted 18 October 2007 - 07:40 AM

Use Secunia to tell you what software on your computer is vulnerable/out of date.
http://secunia.com/software_inspector/

Run the online scan with Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

Glad to hear that at least your Windows firewall is working. After you get malware free you may want to consider downloading and installing a third party firewall such as the free Zone Alarm. They will provide more control of what programs, etc. on your computer are doing.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,597 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:56 AM

Posted 18 October 2007 - 07:46 AM

Action failed for file avg7core.sys...
Action failed for registry value...
If all else fails...Do a complete new install step by step

alternate download link for Dr.WebCureit
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 AARP

AARP
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:56 AM

Posted 18 October 2007 - 11:16 PM

Okay, I haven't really found any more viruses on the scans anymore. Is their any way to restore the corrupted programs?

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,597 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:56 AM

Posted 19 October 2007 - 08:05 AM

You had AVG, then said you installed Avast and Norton. There are probably remnants of each still remaining on your system that need to be removed. Using more that one anti-virus program is not advisable even if your using one of them as a stand-alone on demand scanner. Even when one of them is disabled, it can affect the other. Anti-virus software components insert themselves into the operating systems core and using more than one can cause instability, crash your computer, slow performance and waste system resources.

So the first thing you need to decide is which anti-virus your going to keep and then thoroughly remove the other two. Once you decide, download the newest version of that anti-virus program and save it to you hard drive. Disconnect from the Internet, remove the others and install the anti-virus program who want to use. Reconnect to the Internet afterwards and immediately update the virus definitions.

Norton can be difficult to completely remove so download and run the Norton Removal Tool (SymNRT) for your version of Windows.
Sometimes itīs not possible to uninstall avast! using Add/Remove Programs in Control Panel. In this case, use the aswClear uninstallation utility.

I already provided the links for AVG in my previous post should you decide to keep it.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 AARP

AARP
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:56 AM

Posted 19 October 2007 - 09:23 AM

I think I will keep Avg and use Dr.Web CureIt! and SUPER Anti spyware sparingly. I can keep CCleaner and it won't affect those right?

#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,597 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:56 AM

Posted 19 October 2007 - 09:57 AM

There should be no conflicts with CCleaner.

Just be careful when using the Registry Feature to scan for issues. Always back up your registry before making any changes. Improper changes to the registry could adversely affect your computer and render it inoperable.

CCleaner Tour: Using and Understanding CCleaner
Using CCleaner Demo
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users