Possible Virus with Avgcsrvx.exe

View previous topic View next topic Go down

Re: Possible Virus with Avgcsrvx.exe

Post by Sneakyone on Fri Aug 19, 2011 3:41 am

Hi,

Your ComboFix log is cut off.


I'm livin' life in the fast lane.

Sneakyone
Master
Master

Posts Posts : 2707
Joined Joined : 2010-01-10
Gender Gender : Male
OS OS : Windows 7 Ultimate 64-bit
Protection Protection : Avast, Comodo Firewall, and Malwarebytes' Anti-Malware
Points Points : 56074
# Likes # Likes : 0

View user profile

Back to top Go down

Sorry about that... here is the file again

Post by grasshopper on Fri Aug 19, 2011 8:47 am

ComboFix 11-08-17.03 - Eric 08/18/2011 4:55.9.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1982.1441 [GMT -5:00]
Running from: c:\documents and settings\Eric\Desktop\commy.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-07-18 to 2011-08-18 )))))))))))))))))))))))))))))))
.
.
2011-08-17 09:54 . 2011-08-17 09:54 -------- d-----w- c:\windows\LastGood
2011-08-16 21:56 . 2011-08-16 21:56 -------- d-----w- C:\spoolerlogs
2011-08-15 08:59 . 2011-08-15 09:23 -------- d-----w- C:\commy
2011-08-06 05:08 . 2009-06-30 15:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2011-08-06 05:08 . 2011-08-06 05:08 -------- d-----w- c:\program files\Panda Security
2011-08-05 04:33 . 2011-08-05 04:33 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2011-08-01 22:52 . 2011-08-01 22:52 -------- d-----w- C:\found.001
2011-08-01 09:21 . 2011-08-01 09:21 -------- d-sh--w- c:\documents and settings\Eric\IECompatCache
2011-08-01 09:08 . 2011-08-01 09:08 -------- d-----w- C:\found.000
2011-07-31 11:07 . 2011-07-31 11:07 -------- d-----w- c:\windows\system32\wbem\Repository
2011-07-23 10:39 . 2011-07-31 11:18 -------- d-----w- c:\documents and settings\egrimnes\Application Data\Apple Computer
2011-07-23 10:39 . 2011-07-23 10:39 -------- d-----w- c:\documents and settings\egrimnes\Local Settings\Application Data\Apple Computer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-11 10:44 . 2008-11-16 13:47 18368 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VSA\9.0\1033\ResourceCache.dll
2011-07-11 10:43 . 2008-11-16 13:47 1721312 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VisualStudio\9.0\1033\ResourceCache.dll
2011-07-11 08:15 . 2011-07-11 08:16 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-07-11 08:15 . 2010-06-24 20:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-07 00:52 . 2009-10-28 13:31 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-07 00:52 . 2009-10-28 13:31 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-19 09:18 . 2011-06-19 09:18 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-02 14:02 . 2003-03-31 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((( SnapShot_2011-08-06_05.26.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-17 09:29 . 2011-08-17 09:29 16384 c:\windows\temp\Perflib_Perfdata_7bc.dat
+ 2010-12-10 23:29 . 2010-12-10 23:29 64864 c:\windows\system32\sqlctr90.dll
+ 2003-03-31 12:00 . 2011-08-17 10:01 93624 c:\windows\system32\perfc009.dat
+ 2011-08-16 22:00 . 2011-08-16 22:00 15698 c:\windows\SoftwareDistribution\EventCache\{64F2334F-E941-4128-A056-A1A788104845}.bin
+ 2011-08-17 09:18 . 2011-08-17 09:28 2920 c:\windows\SoftwareDistribution\EventCache\{F8983837-1703-4271-9F30-77E6D40DB52E}.bin
+ 2003-03-31 12:00 . 2011-08-17 10:01 511448 c:\windows\system32\perfh009.dat
+ 2011-08-17 10:04 . 2011-08-17 10:04 814080 c:\windows\Installer\19307f.msi
+ 2011-08-17 10:01 . 2011-08-17 10:01 6409728 c:\windows\Installer\193074.msi
+ 2011-08-17 10:00 . 2011-08-17 10:00 1625440 c:\windows\assembly\GAC_32\Microsoft.SqlServer.Replication\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Replication.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDTSysTrayApp"="sttray.exe" [2007-09-06 405504]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-05-11 1287120]
"@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\oaui.exe" [2010-04-20 6678008]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-04 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-04 13670504]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2006-10-27 434528]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-3-3 113664]
VPN Client.lnk - c:\windows\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico [2009-4-30 6144]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-4-28 122880]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2010-04-20 925688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3713959246-320310600-2471480639-1178\Scripts\Logon\0\0]
"Script"=logon.bat
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Program Files\\Common Files\\Microsoft Shared\\DevServer\\9.0\\WebDev.WebServer.EXE"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Microsoft Expression\\Media 2\\Media.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [8/6/2011 12:08 AM 28552]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [6/17/2010 12:10 PM 218592]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [6/18/2010 7:50 AM 228216]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [6/18/2010 7:50 AM 24440]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [6/18/2010 7:50 AM 29560]
R2 msftesql$SQLEXPRESS;SQL Server FullText Search (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [3/26/2010 3:07 AM 91992]
R2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\oacat.exe [6/18/2010 7:50 AM 1284600]
R2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [6/18/2010 7:50 AM 3364856]
S2 gupdate1c95cab836b518e;Google Update Service (gupdate1c95cab836b518e);c:\program files\Google\Update\GoogleUpdate.exe [12/12/2008 5:46 PM 133104]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/12/2008 5:46 PM 133104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1/29/2010 3:36 AM 717296]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - SQLBROWSER
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2011-08-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-07 10:55]
.
2011-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-12 11:34]
.
2011-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-12 11:34]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
Trusted Zone: aig.com\na.connect
TCP: DhcpNameServer = 24.206.220.35 24.206.220.45 208.180.42.100
DPF: {3BA494B1-D507-4C11-9BDA-D47E1A65DFCF} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\Eric\Application Data\Mozilla\Firefox\Profiles\y8rdhq3a.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: [You must be registered and logged in to see this link.] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: LinkDiagnosis 2.2: [You must be registered and logged in to see this link.] - %profile%\extensions\beta@linkdiagnosis.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-08-18 05:09
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\msftesql$SQLEXPRESS]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe\" -s:MSSQL.1 -f:SQLEXPRESS"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(608)
c:\windows\system32\CSGina.dll
.
- - - - - - - > 'explorer.exe'(3412)
c:\windows\system32\WININET.dll
c:\program files\Tall Emu\Online Armor\OAwatch.dll
c:\program files\SmartFTP Client\en-US\sfShellTools.dll.mui
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2011-08-18 05:16:35
ComboFix-quarantined-files.txt 2011-08-18 10:16
ComboFix2.txt 2011-08-15 09:23
ComboFix3.txt 2011-08-06 11:58
ComboFix4.txt 2011-08-06 05:31
ComboFix5.txt 2011-08-18 09:51
.
Pre-Run: 137,931,329,536 bytes free
Post-Run: 138,068,590,592 bytes free
.
- - End Of File - - 92A8834A01A710B6CABD47DFC9421752

grasshopper
Novice
Novice

Posts Posts : 46
Joined Joined : 2010-06-18
OS OS : Windows XP
Points Points : 24286
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Possible Virus with Avgcsrvx.exe

Post by Dr Jay on Sat Aug 20, 2011 5:11 pm

Thanks for that...

ESET Online Scan

Please run a free online scan with the [You must be registered and logged in to see this link.]
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13714
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302072
# Likes # Likes : 10

View user profile

Back to top Go down

ESET Results

Post by grasshopper on Sun Aug 21, 2011 2:12 pm

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=72df6bb2859a2249a1bb4db882f240d4
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-08-08 11:51:46
# local_time=2011-08-08 06:51:46 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1029 16777214 100 98 0 55317714 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=6401 16777214 66 100 1409081 40115785 0 0
# compatibility_mode=8192 67108863 100 0 35020026 35020026 0 0
# scanned=558274
# found=2
# cleaned=2
# scan_time=10394
C:\Downloads\DVDBurner\Setup_FreeBurner.exe Win32/Adware.Toolbar.Dealio application (deleted - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{77605E37-928B-4EF2-9AD8-4072CC5853C1}\RP1081\A1092026.exe Win32/Adware.Toolbar.Dealio application (deleted - quarantined) 00000000000000000000000000000000 C
esets_scanner_update returned -1 esets_gle=49153
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=72df6bb2859a2249a1bb4db882f240d4
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-08-12 12:30:20
# local_time=2011-08-12 07:30:20 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1026 16777214 0 2 55664737 55664737 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=6401 16777213 66 100 0 40462991 0 0
# compatibility_mode=8192 67108863 100 0 35367232 35367232 0 0
# scanned=548858
# found=0
# cleaned=0
# scan_time=11102
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=72df6bb2859a2249a1bb4db882f240d4
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-08-21 01:33:07
# local_time=2011-08-21 08:33:07 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1026 16777214 0 2 56446627 56446627 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=6401 16777213 66 100 0 41244881 0 0
# compatibility_mode=8192 67108863 100 0 36149122 36149122 0 0
# scanned=537348
# found=0
# cleaned=0
# scan_time=10577

grasshopper
Novice
Novice

Posts Posts : 46
Joined Joined : 2010-06-18
OS OS : Windows XP
Points Points : 24286
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Possible Virus with Avgcsrvx.exe

Post by Dr Jay on Sun Aug 21, 2011 5:57 pm

How is the computer working now?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13714
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302072
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Possible Virus with Avgcsrvx.exe

Post by grasshopper on Thu Aug 25, 2011 9:14 am

The computer seems to be working fine now. It still seems to be a little lethargic, but no errors and it comes up.

I installed Avast Free as well.

Thank you both for your assistance!

Eric

grasshopper
Novice
Novice

Posts Posts : 46
Joined Joined : 2010-06-18
OS OS : Windows XP
Points Points : 24286
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Possible Virus with Avgcsrvx.exe

Post by Dr Jay on Fri Aug 26, 2011 12:41 am

Do you just have Avast free?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13714
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302072
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Possible Virus with Avgcsrvx.exe

Post by grasshopper on Sat Aug 27, 2011 9:49 am

Yes, Previously I had AVG (purchased) and probably could put that back on)I have Malware Bytes (free version) that I run occationally, as well as Spybot (which I also run manually).

Do you have any suggestions to others (hopefully free) protection I should try?

Thank you,

Eric

grasshopper
Novice
Novice

Posts Posts : 46
Joined Joined : 2010-06-18
OS OS : Windows XP
Points Points : 24286
# Likes # Likes : 0

View user profile

Back to top Go down

Odd Thing...

Post by grasshopper on Sat Aug 27, 2011 10:35 am

On the system that was infected I have seen an odd situation.

When I open Internet explorer I look at Task Manager and see two iexplorer processes opened. If I open two sessions I get four, and so on. If I close one of the sessions, both are closed. I tried this on my other systems and only get one per session.

Is this suppose to happen?

Thanks!

Eric


grasshopper
Novice
Novice

Posts Posts : 46
Joined Joined : 2010-06-18
OS OS : Windows XP
Points Points : 24286
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Possible Virus with Avgcsrvx.exe

Post by Dr Jay on Sat Aug 27, 2011 10:31 pm

Yes, that should happen based on how it works and if you have add-ons on that browser.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13714
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302072
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum