On a home/office network consisting of XP pro pc's as well as one W7 pro 64 bit pc, and like others have run free AVG for some time.
Upon startup/reboot on all pc's, opening task manager processes shows a process (once on the W7) (twice in the XP processes list) AVG-Secure-Search-Update_0816av.exe in the XP boxes, additionally shows a following *32 on the W7 64 bit box, which i presume references it as a 32 bit file. I can kill the process(s) and they do not return until reboot/restart,
The last couple of times i've restarted the "server" XP pro pc i connect online with,( which by the way due to location i'm limited to dialup) I get more connection usage than i should see close to +/- 50% until i kill the above mentioned processes, and twice now AVG has quarantined the above named file as corrupt, found in Windows/temp.
Checking the referenced directory Windows/temp the file was found still shows a file name of 0816av_Avg_Update_Config.json along with avginfo.id and toolbar_log.txt files, although the AVG toolbar has never been installed.
Other than the afore mentioned corrupt file quarantine, I can find no other reference searching any of the 3 pc's for "AVG-Secure-Search-Update_0816av.exe" .
Doing a file search comes up empty, as does a search in the registry, and the only AVG reference in add/remove programs is to the AV software with no other AVG entries.
AV scans other than mentioned, have all come up empty as does a scan with Malwarebytes and Adaware.
I've found a lot of references to "AVG-Secure-Search-Update_0814av.exe" but very little to what i presume is a later version 0816,
additionally this installation of xp was a clean install about 30 days ago.
Thus far i'm at a loss on how to get rid of it. Suggestions?
These issues may not be related but this seemed to start on the W7 box causing high connection usage and eventually narrowed down to constant connection with akamai technologies on port 80 causing around 100% use. (which led to investigating the xp boxes and finding the same file as per above) Searching for information led to the suggestions this was apple quicktime and apple updater related, which were both installed on that pc. Both were uninstalled, ran ccleaner registry check and cleaned up the invalid registry entries, searched for and manually removed reg. entries relating to apple and quicktime also.
All seemed well for about a week with no illicit connection use and it suddenly reappeared, again netstat showing akamai technologies as the source of connection use, this time on port 443.
Currently i have the 7 box disconnected and isolated, I've uninstalled free AVG, and as much as possible removed all traces via ccleaner, file and registry search.
Edited by Charlie_S, 04 August 2016 - 12:34 PM.