TechSpot

Avg has trojan sheriff in vault

By shetawk
Mar 6, 2008
  1. shetawk

    shetawk TS Rookie Topic Starter Posts: 38

    I must have clicked the wrong button. I did respond.

    I did respond but probably hit the wrong button. Was waiting for an answer from you.

    According to my computer, Windows has a firewall in place and working.

    Is this sufficient protection or should I add another program?

    Now have Avast antivirus, Adaware and Spybot, all on automatic updates and scans.

    Downloaded Java through link and uninstalled other versions.

    Made new restore point and deleted oldies.

    Have problem with videos now, especially from YouTube. Downloads 2 seconds at a time.

    Must have done something wrong when I was clearing stuff out or altered a setting I wasn't aware of.

    Should I reinstall java and see if the problem is there?

    Thank you. ST
     
  2. Blind Dragon

    Blind Dragon TS Evangelist Posts: 4,048

    You aren't running Firewall Software. Please download and install one of these first!

    Use a Firewall - It is very important that you use a Firewall on your computer. If you use the Windows Firewall you might think that's enough but it only controls inbound traffic. Simply using a Firewall in its default configuration can lower your risk greatly. Here are some firewalls which are free for personal use and most commonly used:
    Comodo
    Kerio
    Online Armor
    Zonealarm

    Let me see one more Hijackthis file and I will see if anything sticks out that would be affecting the videos.
     
  3. shetawk

    shetawk TS Rookie Topic Starter Posts: 38

    It happened again...my post was lost.

    Another memo was lost.

    This time I'm sure I sent the memo with hijack attached.


    Comodo found "New Private Network Detected!" Via Compatable fast ethernet adapter - Packet Scheduler Miniport

    What does this mean? Is it my dsl modem?

    Also, Comodo said hijackthis.exe is trying to modify the contents of C:\windows\win.ini and that I must make sure hijack is a safe application before allowing request. I thought hijack just scanned at first.

    Thank you. ST
     
  4. Blind Dragon

    Blind Dragon TS Evangelist Posts: 4,048

    Good you have Defense+ enabled.

    This is normal; check remember this decision and allow.

    Don't worry about Hijackthis. Basically if you recognize the program it is normally fine.

    You will get a lot of warnings at first until Comodo learns your computer and your habits. It is worth it though. It is a great firewall. Over time you won't even realize it is there, except for on occasion.

    Hijackthis looks clean but I would remove these ActiveX controls for good measure. You can always reinstall them if needed. Since you no longer have these programs.

    Remove bad HijackThis entries
    • Close all open windows and browsers/email, etc...
    • Click on the "Fix Checked" button
    • When completed, close the application.
     
  5. shetawk

    shetawk TS Rookie Topic Starter Posts: 38

    Took off trend housecall, too...

    especially since it didn't work anyway. ST
     
  6. shetawk

    shetawk TS Rookie Topic Starter Posts: 38

    Had to push it a little further with removalT...

    See beginning of report for quarantine info.

    Thank you. ST
     
  7. Blind Dragon

    Blind Dragon TS Evangelist Posts: 4,048

    It could be for 100s of different programs; I am not sure what yours goes to. If none of your programs have issues with it in quarantine, you can remove it.

    Not sure why the file has been removed, but you might as well remove the entry using Hijackthis:

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
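
As an added example (not part of the original thread, and not HijackThis's own code), this Python script parses the O2/O3 lines of a saved HijackThis log and lists the entries marked "(file missing)", like the SSVHelper one above. The O3 and O4 sample lines, with their placeholder CLSID and paths, are constructed.

```python
import re

# O2 (Browser Helper Object) and O3 (toolbar) entries share one layout:
#   O2 - BHO: <name> - {CLSID} - <path> [(file missing)]
ENTRY_RE = re.compile(
    r"^(?P<section>O[23]) - (?:BHO|Toolbar): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}) - "
    r"(?P<path>.*?)(?P<missing>\s*\(file missing\))?\s*$"
)

# First line is the entry quoted in the post; the other two are constructed.
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O3 - Toolbar: Example Toolbar - {00000000-0000-0000-0000-000000000000} - C:\Example\toolbar.dll
O4 - HKLM\..\Run: [Example] C:\Example\app.exe
"""


def parse_entries(log_text):
    """Return one dict per O2/O3 line; other sections are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m is None:
            continue  # not an O2/O3 entry (e.g. O4 startup items)
        entries.append({
            "section": m.group("section"),
            "name": m.group("name"),
            "clsid": m.group("clsid"),
            "path": m.group("path"),
            # HijackThis appends this marker when the DLL is gone from disk
            "missing": m.group("missing") is not None,
        })
    return entries


def orphaned(entries):
    """Entries whose registry key remains but whose file no longer exists."""
    return [e for e in entries if e["missing"]]


if __name__ == "__main__":
    for e in orphaned(parse_entries(SAMPLE_LOG)):
        print(f'{e["section"]} {e["name"]} {e["clsid"]} -> {e["path"]}')
```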
     
  8. shetawk

    shetawk TS Rookie Topic Starter Posts: 38

    Thank you, thank you, thank you.

    Computer isn't slow anymore.

    Java notified me for update and that download took care of it.

    You're great. ST
     
  9. Blind Dragon

    Blind Dragon TS Evangelist Posts: 4,048

    Good.

    Go to start -> Run -> type in combofix /u
    *note the space between
    *This will uninstall combofix
    *removes vundofix backups
    *removes quarantine files
    *creates a fresh clean restore point

    Remove Hijackthis from Start-> control panel -> add/remove programs
    Remove the 3 tools from step 10 (smitfraud, vundofix, virtumondobegone) by dragging to the recycle bin

    I recommend you keep
    1 anti virus program (AVG not anti spyware)
    1 firewall
    Spybot S&D, Adaware 2007, AVG Anti Spyware if you want but the version we downloaded is a 30 day trial

    keep them updated.

    You can also turn on tea timer in Spybot:
    • Click on Mode at the top and make sure that Advanced is checked
    • Expand the Tools tab in the left pane
    • Single click on the Resident Icon also in the left pane
    • check Resident "TeaTimer" (Protection of over-all system settings) Active
    • Close spybot

    Also under Tools you can double-click System Startup in the right pane and disable programs from running at startup. This will free up system resources. For example, if you don't use MSN Messenger every time you run your computer you can disable it, then when you want to use it you can launch it through Start -> all programs, or make a shortcut on the desktop for it. That way it doesn't use resources when you aren't using it. Don't disable any entries in green though.
     
  10. shetawk

    shetawk TS Rookie Topic Starter Posts: 38

    Thank you again. ST

    Thank you again. ST
     
Topic Status:
Not open for further replies.

