Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus System Pro infection [Moved]


  • Please log in to reply
4 replies to this topic

#1 BFlood

BFlood

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:30 PM

Posted 28 October 2009 - 03:39 PM

I haveWindows XP Media Edition, and not a great deal of knowledge!
Apparently I have been infected with this virus/trojan horse (?) and despite all attempts cannot get rid of it. Can you help?
I have backed up as instructed and have scanned with Malware and Spybot to no effect. I tried my AVG but get the message "avgscanx.exe infected" I managed to get past that message after several attempts to open AVG but it says all is OK, although I note I cannot download Version 9 when I tried.
I tried System Restore but it seems to be infected too and will not work.
There is interference with many routine applications like printing, IE, Outlook Express. A message appears saying the application is infected but after several attempts I can usually get the application to work.
I keep getting security alerts which I realise are spurious, on top of which IE keeps opening pornographic/viagra websites at about 3 minute intervals.
At one stage I got a message which seemed to come from AVG that there were several trojan horse viruses;..but I was unable to get it to clear them.
Dropper.genericBB
Generic 15VGU
Generic 15VGU

Several other warnings emanating this time from Antivirus Pro were;
C\Windows\syssvc.exe
c\Windows\system32\iehelper.dll
rundll32.exe infected

I have attached a screen print showing the type of problem I am having.

I have looked at the FAQs but see that this seems to be the sort of problem you deal with in stages and would therefore need your help unless, perhaps, there is a proprietary program that will do the job for me?

Regards

BFlood

Attached Files



BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,805 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:02:30 PM

Posted 28 October 2009 - 07:36 PM

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.

==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:02:30 PM

Posted 29 October 2009 - 02:48 PM

:trumpet:
Please download Rkill by Grinler and save it to your desktop.Link 2
Link 3
Link 4
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer or you will have to run it again

======================

:flowers:
Update mbam and run a FULL scan
Please post the results
==================================

:thumbsup:

We Need to check for Rootkits with RootRepeal
  • Download RootRepeal from the following location and save it to your desktop.
  • Extract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).
  • Open Posted Image on your desktop.
  • Click the Posted Image tab.
  • Click the Posted Image button.
  • Check all seven boxes: Posted Image
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the Posted Image button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

----------------------------------

Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to High

Also try: right-click on rootrepeal.exe and rename it to tatertot.scr
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#4 BFlood

BFlood
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:30 PM

Posted 30 October 2009 - 10:16 AM

Dear Garmanma
Thank you for your most comprehensive reply.
However literally minutes before I heard from you I read in a computer magazine here in the UK about MS "Securiy Essentials" free download, and since that all symptoms disappeared...it's almost too good to be true!
I note however that "Essentials" has a bug which stops me from turning on "real time protection", so I intend to keep my AVG even though MS Essentials advise one anti-virus measure only.
Can you advise how to protect myself from a similar infection in the future? I already have AVG, Spybot and Malwarebytes.
Thank you again for your offer of help which I have copied for the future.
B Flood

#5 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:02:30 PM

Posted 30 October 2009 - 07:12 PM

Can you advise how to protect myself from a similar infection in the future?


Your questions would be better answered here:
http://www.bleepingcomputer.com/forums/f/25/antivirus-firewall-and-privacy-products-and-protection-methods/
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users