Malware disabled AVG and causing large numbers of viruses to enter computer


14 replies to this topic

#1 Indianajon

Posted 31 July 2014 - 03:27 PM

Whilst my daughter was playing with the computer yesterday she downloaded something that has introduced a malware that has stopped AVG from working and has shut me out of turning it on, starting a scan or updating. Additionally it has introduced large numbers of pop ups (many of which are dodgy in the extreme). Any help would be gratefully received.


Edited by hamluis, 31 July 2014 - 03:50 PM.
Moved from Win 7 to Am I Infected - Hamluis.



#2 Indianajon

Posted 31 July 2014 - 03:33 PM

I should add that I have searched through the hidden files folder and not found anything suspect and wonder if the combo fix software is the way forward?

#3 JohnC_21

Posted 31 July 2014 - 04:15 PM

Hello and Welcome,

Combofix should not be run unless instructed by a Malware Removal Expert on the Malware Removal Forum. It can make the computer unbootable if not done correctly.

 

One suggestion would be to run Malwarebytes Chameleon. Note the Usage section.

 

Then Adwcleaner.



#4 Indianajon

Posted 01 August 2014 - 02:25 AM

Thanks, will give that a try then come back and let you know.

#5 Indianajon

Posted 01 August 2014 - 05:47 AM

Hi, Chameleon found 447 instances of malware and removed them, but still locked out of AVG.

#6 Indianajon

Posted 01 August 2014 - 06:03 AM

Also ran AdwCleaner at the same time, I should add.

#7 Guest_ArisMFighter_*

Posted 01 August 2014 - 07:54 AM

Hello Indianajon. I advise you to run the rkill.exe, which will terminate any malicious processes it found for the moment, and then you should be able to clean the infections with your AVG antivirus. Download the rkill.exe from http://www.bleepingcomputer.com/download/rkill/dl/10/



#8 JohnC_21

Posted 01 August 2014 - 08:00 AM

In addition to ArisMFighter's good advice, I would just like to add that after running Rkill do not reboot the computer before running Malwarebytes.

Edited by JohnC_21, 01 August 2014 - 08:00 AM.


#9 Guest_ArisMFighter_*

Posted 01 August 2014 - 09:33 AM

Yes JohnC_21. As you say, he shouldn't shut down the computer after running Rkill. But he has already cleaned the malware with Malwarebytes, so the next step is to clean the viruses with an antivirus. I also strongly recommend HitmanPro, which is a very good cloud behavioral antimalware and it can detect malware and viruses :)



#10 JohnC_21

Posted 01 August 2014 - 09:43 AM

Yep, you are right, I thought with Rkill Malwarebytes might get and clean a few more malware. There is a registry key that is probably keeping AVG from running. Malware usually sets this key to keep an antivirus or any other program from starting. It's used by the Software Restriction Policy but since the OP probably has the Home edition, he will need to delete this key from the registry. I am not going to suggest this unless Hitman Pro does not fix the problem.
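
A read-only check for the kind of block described in the post above, added here as an example and not part of any poster's reply. It assumes the key in question is the Software Restriction Policies store under `Safer\CodeIdentifiers` (the post does not name it); `Get-SrpPathRule` is a hypothetical helper name.

```powershell
# Added example: read-only listing of Software Restriction Policy (SRP) path rules.
# Assumption: the key the post alludes to is the SRP store below; the post does not name it.
# Get-SrpPathRule is a hypothetical helper name. Nothing here modifies the registry.
$SrpRoots = @(
    'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers',
    'HKCU:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
)

# SRP stores rules under a subkey named after the numeric security level.
$SrpLevels = @{ '0' = 'Disallowed'; '131072' = 'Basic User'; '262144' = 'Unrestricted' }

function Get-SrpPathRule {
    param([string[]]$Root = $SrpRoots)
    foreach ($r in $Root) {
        if (-not (Test-Path -LiteralPath $r)) { continue }   # no SRP configured in this hive
        foreach ($levelKey in Get-ChildItem -LiteralPath $r -ErrorAction SilentlyContinue) {
            $pathsKey = Join-Path $levelKey.PSPath 'Paths'
            if (-not (Test-Path -LiteralPath $pathsKey)) { continue }
            foreach ($rule in Get-ChildItem -LiteralPath $pathsKey) {
                $props = Get-ItemProperty -LiteralPath $rule.PSPath
                $level = $SrpLevels[$levelKey.PSChildName]
                [pscustomobject]@{
                    Store  = $r
                    Level  = if ($level) { $level } else { $levelKey.PSChildName }
                    Target = $props.ItemData      # path or file name the rule applies to
                    RuleId = $rule.PSChildName    # GUID subkey that holds the rule
                }
            }
        }
    }
}

# Report only rules that block execution; an antivirus path listed here would explain
# a scanner that refuses to start even after the malware processes are gone.
$blocked = @(Get-SrpPathRule | Where-Object { $_.Level -eq 'Disallowed' })
if ($blocked.Count -eq 0) {
    'No Disallowed SRP path rules found.'
} else {
    $blocked | Sort-Object Target | Format-Table -AutoSize -Wrap
}
```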



#11 Guest_ArisMFighter_*

Posted 01 August 2014 - 10:04 AM

So a malicious registry key is preventing AVG from running and Malwarebytes missed it. After terminating the malicious processes and malicious registry keys with Rkill, I recommend HitmanPro and the problem then should be solved. Also very good is the Emsisoft Emergency Kit https://www.emsisoft.com/en/software/eek/download/



#12 Indianajon

Posted 01 August 2014 - 11:14 AM

Thank you, I'll let you know how it goes.

#13 Guest_ArisMFighter_*

Posted 01 August 2014 - 11:17 AM

ok  :thumbup2:



#14 Indianajon

Posted 02 August 2014 - 01:51 PM

Thank you all. The combination of rkill and hitman pro appears to have got me back in control again to get everything cleaned out and sorted.

#15 Guest_ArisMFighter_*

Posted 02 August 2014 - 06:07 PM

You are welcome. Ok, :thumbup2: this is good. Also tell your daughter to be careful with her downloads, and also you can download this great add-on from Bitdefender that will add a very strong security layer in your browser. It is available for Chrome, Firefox and Safari.

Take a look: http://www.bitdefender.com/solutions/trafficlight.html





