|Virus & Other Malware Removal|
Browser hijacked by Snap Do and search s ...
Repetitive Registry Entries - Microsoft\ ...
slow internet and weird computer
Can't access PC.
Windows 7 IE 10 Proxy Setting & Perm ...
about:blank infection HELP!!!
Scam phone calls and remote access
Slow Computer... MalwareBytes can't scan ...
Pokki? It won't go away...
Sluggish laptop with delayed boot up tim ...
Can browse but can't ping
Randomly opening browser windows
21-Jul-2012, 03:27 PM #1
AVG: Win64/Patched.A (svchost.exe)
Today I was browsing while an AVG virus alert randomly pops up with the following:
AVG keeps popping up with the error above ^
I think that means svchost.exe keeps trying to restart itself automatically
I keep getting new Advertisement pop-up Tabs & sometimes when I click a link, it will redirect to an advertisement instead. (dating sites, travel sites, etc.)
Appreciate ANY help with the removal of this
Windows Vista, 64 Bit
1. HijackThis Log File
Last edited by anon123700; 21-Jul-2012 at 08:43 PM..
21-Jul-2012, 10:37 PM #3
UPDATE; more files in Task Manager - when deleted re-open.
Random names like: xtzklg.exe, gxmxdl.exe,
New virus found by AVG:
22-Jul-2012, 05:36 AM #4
Delete any existing version of ComboFix you have sitting on your desktop
Please read and follow all these instructions very carefullyDo not edit or remove any information or user names etc, otherwise we cannot fix the problem. If you insist on editing out anything then I will close the topic & refuse to offer any help.
Download ComboFix from Hereto your Desktop.
As you download it rename it to username123.exe
**Note: It is important that it is saved directly to your desktop and run from the desktop and not any other folder on your computer**
1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
2. Close any open browsers and any other programs you might have running
Double click on renamed combofix.exe & follow the prompts.If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?"
Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" for further review
****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****
Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read HERE why we disable autoruns
Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.
Please tell us if it has cured the problems or if there are any outstanding issues
Post the log in next reply please...
23-Jul-2012, 04:00 AM #5
Thanks for your advice, here's the log
edit: was looking at "locked registries" and noticed a lot of Macromedia/Flash files, one of the problems I had was a trojan installer popping up that was disguised as a Flash Updater.. It would pop up and start downloading automatically
23-Jul-2012, 02:12 PM #8
*Follow these steps to uninstall Combofix and the other tools it downloaded to remove the malware*
* Click START then RUN
* Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the /U, it needs to be there.
This will also purge the restore folder and clear any malware that has been put in there. Now Empty Recycle bin on desktop Then reboot.
go here http://www.thespykiller.co.uk/index.php?page=3 for info on how to tighten your security settings and how to help prevent future attacks.
and scan here http://secunia.com/vulnerability_scanning/online/ for out of date & vulnerable common applications on your computer and update whatever it suggests. Download & use the PSI version ( not the OSI, in your browser java version) as I no longer recommend having Java installed on the computer at all, unless it is absolutely necessary, because of the too high risk of malware infiltration
Then pay an urgent visit to windows update & make sure you are fully updated, that will help to plug the security holes that let these pests on in the first place. If windows update doesn't work, please come back & tell us
Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.
If you're not already familiar with forums, watch our Welcome Guide to get started.
|Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)|