Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AVG reports Trojans, won't remove them, and I cannot find the files


  • This topic is locked This topic is locked
4 replies to this topic

#1 EG6256

EG6256

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:38 AM

Posted 12 May 2013 - 12:00 AM

Well first of all, I'm hoping that this forum will be helpful. This is my first post! So at least once a day when I'm using my laptop (internet-involved or no), AVG 2013 will pop up with its findings of a Trojan. For the past week or two, it's been the same one: Trojan horse PSW.OnlineGames4.ALGT in the file: C:\Users\Owner\ApppData\Local\Temp\sgsbpre\smbiecb\wow64.dll

 

Today I attempted to locate the infected file, or even the folders it claims to be listed in, but the last two folders do not even exist at this point. I've run Malwarebytes Anti-Malware scans and they've come up empty, as have Spybot - Search & Destroy scans. I don't necessarily think that this is a false alarm on AVG's behalf however, as Firefox seems to have disappeared from my computer as of late.

 

As I was creating this account on this site not twenty minutes ago, another AVG report actually popped up with a new Trojan found: Trojan Horse SHeur4.BGAQ with the location: C:\System Volume Information\ System Restore\ FRStaging\ Users\ Owner\ AppData\ Local\ Temp\ sgsbpre\ smbiecb\ wow.dll; like it has with the other virus detected, AVG reports that "Access is Denied" when attempting to resolve the problem.

Earlier today, I did attempt to restore my computer to its factory settings in hopes of erasing the virus in such a way, but it was halted both times by an Unstable Environment. I mostly just want to know what a good software is to purchase or run that can eradicate these issues. Or if one is even possible, since I've tried the three on my computer. I also have - it seems - WAY too many programs running according to my Task Manager and those listed under dds.txt, but I don't know that that is the same problem. I'm operating with an MSI A6200 with Windows 7.

Sorry about this novel, but I really hope I got enough basics down.

 

Attached Files

  • Attached File  dds.txt   15.99KB   5 downloads


BC AdBot (Login to Remove)

 


#2 EG6256

EG6256
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:38 AM

Posted 12 May 2013 - 12:15 AM

Oh and it might be important to note that, with a previous issue regarding search links and redirecting, I would be more than happy to fully reformat my computer. I'd just need a bit more instruction on how to do so, since it is at the moment apparently against it.



#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,007 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:38 AM

Posted 16 May 2013 - 08:57 AM

Greetings EG6256 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

Thank you for your patiience thus far. Please allow me some time to review your situation. While I am doing that could I trouble you for a fresh DDS log so we are certain we are evaluating the most current information. If you could copy and paste the logs it will assist me quickly reviewing your issues.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps are a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and let me know.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Helping me Help You

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

===================================================

Additional Information
  • If you have since resolved the original problem you were having, I would appreciate you letting me know.
  • If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
  • If you are unsure about any of these characteristics just post what you can and I will guide you.
  • Explain as best you can what happens with your computer, i.e. it beeps three times, the the black screen starts then goes blank, etc
  • If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • Upon completing the steps below I will review your topic an do my best to resolve your issues.
  • If you have already posted a DDS log, please do so again, as your situation may have changed.
===================================================

Create DDS.txt and Attach.txt

I would like to see some information about what is happening in your machine. Please perform the following scan (again):
  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.

DDS.com
DDS.pif

  • Double click on the icon then select Run
  • Leave the default settings then click Next
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Please copy and paste the contents of both results in your post.
  • Close the program window, and delete the program from your desktop.
You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • DDS.txt
  • Attach.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,007 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:38 AM

Posted 19 May 2013 - 04:06 PM

Greetings EG6256,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,007 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:38 AM

Posted 21 May 2013 - 07:32 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users