We found a fake antivirus message when powering on a Windows XP based computer.
There were signs that AVG had previously been installed (an AVG Free 8.5 installation file on the desktop gave that away), but it was not running. The fake antivirus / security center had replaced the background picture and prevented any other applications from running.
It looked as though the customer had previously attempted removal by running Malwarebytes. This was now failing because the malware had managed to get hooks into the registry, preventing applications from executing properly.
The computer displayed a warning on boot into Windows, rather like an oversized message box.
Boot the computer into Safe Mode by pressing the F8 key during the Windows splash screen.
Although the fake message is still shown, applications can be executed, so the first task is to launch Malwarebytes and perform an update. Remember that Safe Mode with Networking is required to complete this task. In this case Malwarebytes required both a program update and a definition update. Perform a quick scan with Malwarebytes; this discovered 40 infections/registry changes. Remove all the infections and reboot normally. This time the computer reboots with no fake antivirus message.
When trying to install AVG, the installation fails while trying to write to the registry, with an access denied error.
Download the reset privilege tool from the AVG website. In our case we also removed Spyware Doctor, as some reports indicated that some anti-spyware programs prevent AVG from accessing the registry.
We then ran the AVG Free 9 setup file and this time the installation completed successfully.
Next we installed SUPERAntiSpyware and ran a full scan, which detected a few tracking cookies and 3 nasties in System Restore. Perform removal on completion; a reboot is necessary.
Run a full scan with Malwarebytes, checking for updates first. 3 infections were found; select all to remove at the end of the scan.
Perform a full scan with AVG 9 now installed, after checking for updates. Remove the trojan horse Trojan.Hiloti.
Reboot and check that the computer is responsive, that programs run correctly and that the internet is accessible with no detriment or unexpected behaviour.
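The write-up describes the malware hooking the registry so that applications would not execute. One defender-side check, added here as an example and not part of the original article, is to inspect a registry export for the two locations most often used for that kind of hijack (an assumption on our part, since the article does not name the keys involved): `Debugger` values under Image File Execution Options, and the `exefile\shell\open\command` that runs every .exe. The sample .reg text and the file names in it are constructed.

```python
"""Flag execution-hijack entries in a Windows registry export (.reg); Python 3, stdlib only."""

# Assumption: the article does not name the hooked keys. These two locations are
# well-known places where launching an .exe can be redirected to another program.
IFEO = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"
EXEFILE_OPEN = r"HKEY_CLASSES_ROOT\exefile\shell\open\command"
EXPECTED_OPEN = '"%1" %*'   # the stock Windows XP command for running an .exe

# Constructed sample export; the paths and the name fakeav.exe are made up for illustration.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"C:\\Documents and Settings\\User\\fakeav.exe\" /run \"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbam.exe]
"Debugger"="C:\\WINDOWS\\system32\\fakeav.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"GlobalFlag"=dword:00000000
'''

def parse_reg(text):
    """Return {key_path: {value_name: data}} from REGEDIT4 / 'Version 5.00' export text."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys[current] = {}
        elif current is not None and "=" in line:
            name, data = line.split("=", 1)
            name = "(Default)" if name == "@" else name.strip('"')
            # Undo .reg string escaping: outer quotes, \" for a quote and \\ for a backslash.
            keys[current][name] = data.strip('"').replace('\\"', '"').replace("\\\\", "\\")
    return keys

def find_hijacks(text):
    """List human-readable findings; an empty list means neither location is tampered with."""
    findings = []
    for path, values in parse_reg(text).items():
        if path.lower().startswith(IFEO.lower()) and "Debugger" in values:
            # Windows starts the Debugger program instead of the named .exe (mbam.exe is Malwarebytes).
            exe = path.rsplit("\\", 1)[-1]
            findings.append(f"IFEO debugger on {exe}: {values['Debugger']}")
        if path.lower() == EXEFILE_OPEN.lower() and values.get("(Default)", "") != EXPECTED_OPEN:
            findings.append(f"exefile open command replaced: {values.get('(Default)', '')}")
    return findings

if __name__ == "__main__":
    print("\n".join(find_hijacks(SAMPLE_REG)) or "no hijack entries found")
```

To run it against a real machine, export the two keys with Regedit and pass the file contents to `find_hijacks`; Regedit on XP writes .reg files as UTF-16, so open them with `encoding="utf-16"`. Legitimate developer tooling also uses IFEO `Debugger` values, so treat a hit as a lead to verify rather than proof of infection.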