Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus GT


  • Please log in to reply
No replies to this topic

#1 KevanMason

KevanMason

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:49 PM

Posted 22 September 2010 - 12:47 PM

It appears that Antivirus GT has now taken a new turn.

Upon starting your pc / laptop you now get a window with two buttons :-

1. [Get Genuine]

and

2. [wait. 25sec] - this then changes to continue when counted down (this delay does get longer everytime you startup the PC / Laptop)

I have found that the exe file "AntivirusGT.exe" is in c:\program Files\AVG\AntivirusGT.exe and is easily removable

The only problem is that when you remove this program, the next time you start up the PC, explorer.exe is never started. (and cannot be started even from Ctrl-Alt-Del then start "new-Task")

I have used Combofix to remove this "Program" but this has left 3 windows system files still infected and non-repairable (with AVG at least)

\windows\system32\svchost.exe
\windows\explorer.exe
\windows\csrss.exe

They all show Trojan horse Adload_r.AKJ

countless runs of AVG 9.0 in both standard and Safe mode were unable to fix these 3 files.

Does anyone know the best way to remove (or replace) these 3 files from a netbook? (bah! no cd drive!! lol)

The netbook will start from USB but I have so far been unable to boot from any USB memory stick.

Many Thanks for any help provided.

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users