Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AVG NIGHTMARE!


  • Please log in to reply
6 replies to this topic

#1 djkwik66

djkwik66

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 15 June 2013 - 05:22 PM

Please forgive me, I'm new to this forum, but not forums in general.  The last one I used ended up talking to me like I was a retarded 2 year old and I finally got fed-up with the snotty and condescending demeanor they chose to use.

 

I have spent three Saturdays now trying unsuccessfully to remove all traces of the AVG Trojan.  I've googled and clicked and tried every single way I've found listed and still I cannot get rid of the thing!  A little scene-setting.  I use a utility called Windows Clean-Up.  It deletes temp/cookies/prefetch, and all other logs that are running in the background.  Its a very nice service and even finds things that the normal Windows option (delete temporary internet files and history upon closing browser) doesn't do.

 

So, I noticed that instead of 2 or three files, Clean-Up was finding over 60!  I googled and found all the information about the Secure Search and the SafeGuard  and AVG toolbar extensions.  I've disabled all of them.  I've uninstalled all of them, I've finally resorted to uninstalling AVG itself using their downloaded uninstaller program that brings up a DOS prompt and runs a "thorough" uninstall...still Clean-Up is now finding several files, some are .ini files and all searches point to the same AVG Trojan and everyone seems to have this problem...I even tried the REVO utility...it cannot find anything.  I've run a search for any file names I'm finding and can't find them.  I've un hidden system and other files and STILL I cannot find the files.  I've followed one site's instructions for going into the registry and deleting the files there, but I can't find any in any of the registry folders (took me nearly an hour to view every single folder I found in regedit.  I've done a system restore and still no success.

 

I'm running Windows 7 on an HP.  Until this, I never had a problem (comments about other forums were on an older Dell - never again - running XP)

 

So, can anybody PLEASE help me with this issue?  These are the files Windows Clean-Up is still finding (If this allows me to copy and paste)...

 

C:\Windows\temp\AVG-Secure-Search-Update_{3B8DBBCC-7082-4319-9A6C-464565AA6F15}.ini - deleted
C:\Windows\temp\avginfo.id - deleted

C:\Windows\temp\ROC_ROC_APR2013_AV.ini - deleted
C:\Windows\temp\ROC_ROC_JAN2013_AV.ini - deleted
C:\Windows\temp\ROC_{4243DEA7-8D8A-4CB8-A224-9067D202C6B2}.ini - deleted
C:\Windows\temp\ROC_{6DE3DE93-27E0-45C7-9D3B-7D196BCD7419}.ini - deleted
C:\Windows\temp\ROC_{81C99E04-EA98-44E3-9483-95ACA57D0D85}.ini - deleted
C:\Windows\temp\ROC_{D511C6B8-2064-4B69-BEFE-FE512624C645}.ini - deleted
C:\Windows\temp\TS_96A3.tmp - deleted
C:\Windows\temp\TS_9991.tmp - deleted
C:\Windows\temp\{424BCFBF-81E5-435D-8DA6-C20AF1DA4716}.exe currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\avg_a10636\ConfigFiles\avguidx.dll currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\avg_a10636\ConfigFiles\installer_cfg.ini - deleted
C:\Windows\temp\avg_a10636\ConfigFiles\MachineIdCreator.exe currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\avg_a10636\ProgData\binarylines.manifest - deleted

 

Keep in mind, I can find nothing anywhere else on my computer regarding these files no matter how hard I try or how deep I dig.  Also, If I close clean-up and open it and run it again, those same files show up every single time despite showing they've been deleted.  Please help if anybody can. :(



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,486 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:57 AM

Posted 15 June 2013 - 07:41 PM

Welcome to BC

I certainly can understand your frustration with this. Can I ask where did you find information that this issue is related to AVG Trojan?

What is AVG Secure Search

AVG Secure Search alerts you before you visit dangerous webpages...AVG Secure Search provides an additional security layer while searching and surfing to protect you from infected websites. It checks every page before you even click on a link to make sure your identity, your personal information and your PC are protected...


What is AVG Security Toolbar

The AVG Security Toolbar is a tool that works together with the LinkScanner component and checks the search results of supported Internet search engines (Yahoo!, Google, Bing, Baidu, Yandex, Ask.com, AOL, Seznam.cz)...


AVG Security Toolbar and AVG Secure Search (created by the makers of AVG Anti-virus) are commonly bundled with other software and installation is optional. However, many users overlook that option since it is pre-checked by default and they unknowingly install it. IMO a A checkbox for optional features like these should start unchecked so the user clearly has a choice.

When searching for unfamiliar or unknown toolbars on the Internet, it is not unusal to find numerous hits from untrustworthy and scam sites which mis-classify detections or provide misleading information. This is deliberately done more as a scam to entice folks into buying an advertised fix or removal tool. If the fix is a free download, you may then be enticed to download a nasty Trojan Horse or be redirected to a malicious web stie.

Those files are related to AVG Secure Search but I'm not sure why CleanUp continues to detect them if it says they have been removed. Unless you have not rebooted as some files are in use and cannot be removed until the computer is restarted.

If you have rebooted, then these repeated detections could possibly be related to an issue with CleanUp...hence the reason you're not finding any of them during your tedious investigation.

Have you check for an answer at the CleanUp Support Forum? They may have encountered this issue before and have an explanation.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:57 PM

Posted 15 June 2013 - 09:12 PM

(QUOTE) Free Windows Cleanup Tool has a lot of competition in the free system cleaner/registry optimizer field.

Clean junk files and registry errors in a flash(End QUOTE)

This is the write-up for Windows Cleanup Tool on a few download sites, and it proves the theory that most (if not all) registry cleaners/optimizers are not wanted on any computer -

 

EDITED -

Please post back with the actual version of the program you are using -

 

Thank You -


Edited by noknojon, 15 June 2013 - 09:57 PM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,486 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:57 AM

Posted 15 June 2013 - 09:31 PM

I could be wrong but I believe he is using Windows CleanUp!
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 djkwik66

djkwik66
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 17 June 2013 - 03:54 PM

@ quietman7: When I downloaded the 2013 update to AVG, I made sure to uncheck everything except the basic live protection. Since I never allowed the installation of the add-ons, I'm a bit PO'd that they are showing up on the computer. I have the exact same AVG on my notebook running XP and this did not happen. When I googled the phrase "Uninstalled AVG but parts of it still hidden in coputer" I got a lot of hits regarding this exact same situation...people that never installed it are finding it in their computer. I don't like something running in the background that I did not install.

You are also correct about the clean-up. Its name is "Windows CleanUp!" and it is NOT a registry cleaner. It simply deletes things like browser history, prefetch files, temp files (where a lot of these AVG things are showing up but I can't even find the folder). I went back and installed AVG directly from their website per one suggestion I read while googling and made 100% sure that I did not accept any of the add-ons, yet still they are present. I've read articles from AVG itself and I guess the forums there have a lot of people angry about this situation and AVG is not offering any advice that helps. Some people claim to have gotten rid of those stray folders successfully, but as stated, I ran a search before and deleted every single folder I could find with AVG in the name...yet the listed files are still being deleted every time I run CleanUp! I will run the clean-up and when it is done and shows those files as deleted, I'll run it again immediately without opening any browser or any other application and it will still list it as being deleted again. I cannot find it in my task manager either. I'm just totally blown away by a bunch of files that I cannot find.

A new one is showing up in the CleanUp utility but with these, the CleanUp statement is "in use - will be deleted when windows is restarted", which means even CleanUp! can't wipe them and they are showing up every single time I run the cleanup as well...they are as follows:

C:\Windows\temp\fwtsqmfile00.sqm currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\fwtsqmfile01.sqm currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\fwtsqmfile02.sqm currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\fwtsqmfile03.sqm currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\fwtsqmfile04.sqm currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\fwtsqmfile05.sqm currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\fwtsqmfile06.sqm currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\fwtsqmfile07.sqm currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\fwtsqmfile08.sqm currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\fwtsqmfile09.sqm currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\fwtsqmfile10.sqm currently in use. Will be deleted when Windows is restarted.
C:\Windows\temp\fwtsqmfile11.sqm currently in use. Will be deleted when Windows is restarted.

I can do the restart and then run CleanUp! immediately upon restart and they show up right away again....Its making me crazy that all these things are running in the background that I never installed and didn't used-to show up on the CleanUp! list just a few months ago.

Any ideas? Every forum like this usually has people run things like HJT, etc. to see a full listing of running processes, BHO's etc. and email the results. I'd be interested in finding out if this or another utility finds these registry keys so I can get rid of all of them once and for all. Again...just a couple of months ago, the maximum number of files CleanUp! would find is 6, not the 19-20 that it consistently finds now and the only ones it told me were in use and would be deleted on restart would be content/ie5/index.dat or something to that effect (even though I'm running ie9) I really really hate computers anymore and wish I could go back to a life without one but that is just not possible so I have to suffer the Microsoft Monster or become another worm in the Apple (which I've been trying to avoid at all cost).

#6 djkwik66

djkwik66
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 17 June 2013 - 05:22 PM

UPDATE:  I finally found all those folders and deleted them all and now Windows CleanUp! does not list them any longer.  However, I have one new issue with this computer and one issue with my notebook running XP, but one thing at a time.

 

Current situation...No matter what advice I try even from Microsoft, I cannot get the Temporary Internet Files folder to show.  I've even followed the directions to move the folder somewhere easy to find...HOME...and I've checked the box to SHOW HIDDEN FOLDERS and the &$^%&(#(#&%&^ FOLDER refuses to show itself.  The Windows CleanUp is finding a totally NEW file that is in use and 'will be deleted when Windows is restarted' but shows up everytime again.  its in the Temporary Internet FIles folders, not the Windows TEMP folder as shown below (not it now shows the new location for the folder as being HOME but its NOT THERE!!!  GRRRRRRRRRRRRRRRRR!!!!!!!

 

C:\Users\HOME\Temporary Internet Files\counters.dat currently in use. Will be deleted when Windows is restarted.

 

This .dat file is new to the cleanup listing and since I cannot get the TIF folder to show itself, I can't delete it.  Does anybody have a way of getting the folder to show itself?  I've tried the %Temporary Internet Files% method (I've read to type that into a IE address bar but all I get when I do that is search results on google).  I've tried to type it into the CMD prompt and that does absolutely nothing but repeat what I just typed in instead of showing the location....besides...I KNOW THE WRETCHED LOCATION, THE FOLDER DOES NOT SHOW UP WHERE IT IS SUPPOSED TO BE!!!  god this is so nerve-racking!

again, This is Windows7 Premium Home.



#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,486 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:57 AM

Posted 17 June 2013 - 06:13 PM

As I said AVG Security Toolbar and AVG Secure Search are bundled with other software you may have download. For example, the toolbar is bundled with PDFCreator.

So even if you decline the option to use these add-ons if using and installing AVG anti-virus, you may still end up with them installed at some later date by unknowingly downloading another program where they have been bundled. However, some folks have reported that when AVG auto-updates, it will install the toolbar as a Firefox add-on without input from the user.

As for your latest problem, I will have to do some research but I don't have time to do it right now.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users