Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infections AVG unable to remove


  • Please log in to reply
2 replies to this topic

#1 Paula320

Paula320

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:42 PM

Posted 28 June 2010 - 10:37 AM

About three weeks ago my computer had been just fine, no problems at all. Then in the middle of playing LOTRO, my sound just stopped. I posted about it on The PC Guide and someone told me to reinstall the sound driver and update Directx. I downloaded the sound driver from Dell and the most up to date Directx from Microsoft and installed them. My sound started to work but then Internet Explorer started to periodically pop up with various ads. I don't use IE at all. I ran AVG and it found Trojan Horse Downloader.Generic9.CAXD in c:\System Volume Information\Microsoft\services.exe and also in c:\System Volume Information\Microsoft\smss.exe. At that time, AVG was unable to remove them saying they were inaccessible. I was not being able to register on AVGs forums in order to post about it there so I posted back on The PC Guide and was told to download Trend Micro Housecall which removed the infections but as soon as I restarted my computer, they were right back and IE was running again. They had me try several things but every time I restart the infection was back. I did disable System Restore to try to get rid of the files but that didn't work. At one time I found instructions to make System Volume Information accessible and after that AVG could remove the infections but every time I restarted, they came back.

I dealt with this for a couple of weeks during which I was finally able to get registered on AVG's forum and they started helping me. They had me do quite a few scans and things and finally asked me to delete a registry key. The key wouldn't let me delete it so they had me download Avenger to try but it didn't work. After that they haven't given me any more advice on what to do. I still have the two infections on my computer causing IE to run all the time.

A couple of days ago someone on The PC Guide posted to me and said I would need to run ComboFix. I downloaded it and ran it (and now realize it was a mistake.) It told me to disable AVG which I did. I ran it CF then I had a fake antivirus program on my computer. (I'm not saying it came from CF but from having my AVG disabled.) After a bit I was able to get the fake antivirus software off my computer but then none of my AV or spyware programs will update, Trend Micro Housecall is unable to establish an internet connection, even my LOTRO can't connect.

So this is where I am. First I need to fix whatever is blocking things from connecting to the internet then I still have the two infections I started with that I need to get rid of. I hope this is clear and understandable. So many things have happened and my computer (which I normally keep scanned and clean) is in a mess!! I desperately want to fix it and not have to reformat because I have a work program on it that has to be remotely installed and I would lose work time waiting for them to reinstall it if I had to do that.

I have Win XP Pro
AVG 9
Malwarebytes
Spybot
Adaware
SuperAntiSpyware

Can someone please help me with this?

Thank you, Paula

I'm editing to update. I had to disable "use a proxy server" and that fixed my issue with not connecting to the internet. So, now that's solved. I just need to work on the two infections that keep coming back.

Edited by Paula320, 28 June 2010 - 04:14 PM.


BC AdBot (Login to Remove)

 


#2 Paula320

Paula320
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:42 PM

Posted 01 July 2010 - 02:00 PM

Fixed.

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,759 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:42 PM

Posted 01 July 2010 - 02:17 PM

Hi Paula ,you did well. I think you should still do an online scan.
ESET
Please perform a scan with Eset Online Antiivirus Scanner.
(Requires Internet Explorer to work. If given the option, choose "Quarantine" instead of delete.)
Vista users need to run Internet Explorer as Administrator. Right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
  • Click the green ESET Online Scanner button.
  • Read the End User License Agreement and check the box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • You may receive an alert on the address bar that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then click Insall ActiveX component.
  • A new window will appear asking "Do you want to install this software?"".
  • Answer Yes to download and install the ActiveX controls that allows the scan to run.
  • Click Start.
  • Check Remove found threats and Scan potentially unwanted applications.
  • Click Scan to start. (please be patient as the scan could take some time to complete)
  • If offered the option to get information or buy software. Just close the window.
  • When the scan has finished, a log.txt file will be created and automatically saved in the C:\Program Files\ESET\ESET Online Scanner\log.txt
    folder.
  • Click Posted Image > Run..., then copy and paste this command into the open box: C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • The scan results will open in Notepad. Copy and paste the contents of log.txt in your next reply.
Note: Some online scanners will detect existing anti-virus software and refuse to cooperate. You may have to disable the real-time protection components of your existing anti-virus and try running the scan again. If you do this, remember to turn them back on after you are finished.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users