Major puter prob... again. Heeelllllp

[kiwiwolf]

At least this time it isn't my puter. kjtatts contacted me earlier tonight and explained that she had a major virus prob. She had downloaded a free anti virus program called AGV from the net and ran it discovering that she has a worm. The worm was trapped by the anit virus programme but now we can't get rid of the damned thing and the free antivirus software has fucked up her system. It won't allow access to basic functions of her machine. Internet access seems to be about the only thing that isn't effected.

We've tried erasing the AGV programme but don't have access to remove/ add programmes in her Control Panel. Deleting it manually isn't an option either. I can't get the registry up so I'm screwed there as far as removal options go.

Any advise would be marvelous. It's 5.50 am here and I'm getting damned temted just to hurl the fucking thing through the window.

 

[kiwiwolf]

Desperate BUMP!!!! It's 6.03 am and I have to get to work in an hour or two... HELLLLLLP!!!

 

[Guest]

Eep. I don't know what to tell you hon. PM Weird Harold!

 

[ridddder]

Do a search on a draco thread concerning virus programs. He is a computer tech for a living so he knows. Weird Harold usually hangs out in the how to thread. If I had a PC I would gladly lend advice, but I am just another Mac Head.

 

[kiwiwolf]

Do a search on a draco thread concerning virus programs. He is a computer tech for a living so he knows. Weird Harold usually hangs out in the how to thread. If I had a PC I would gladly lend advice, but I am just another Mac Head.

Thanks man. Draco actually built my system for me and it rocks. The problem is kjtatts system was the original one out of the Ark. I've sent out PMs but so far no answers.

The worm concerned is the Yaha worm if that helps at all but the real problem is getting rid of the AVG programme.

 

[ridddder]

you can always go here

symantec

I don't know if this is the best virus app, but there are removal tools for yaya

 

[kiwiwolf]

you can always go here

symantec

I don't know if this is the best virus app, but there are removal tools for yaya

I ran an online scan with PC CILLIN... the virus is gone but the AVG software has screwed up all the settings in the puter and won't allow access to most of the puters basic functions.


I need to find out how to get rid of the AVG software.

 

[ridddder]

google turned up this-

AVG

How is that?

 

[islandman]

Talk to ShamelessFlirt. He's a computer geek second to none.

 

[miles]

It's my guess the virus itself caused the problems, not the virus software.

Are you saying AVG isn't on add/remove or you can't access add/remove?

If it isn't listed on Add/Remove, download it again, then see if it appears in Add/Remove.

There has to be some info you haven't told us.

 

[miles]

I've had AVG for a long time - no problems here.

 

[kiwiwolf]

It's my guess the virus itself caused the problems, not the virus software.

Are you saying AVG isn't on add/remove or you can't access add/remove?

If it isn't listed on Add/Remove, download it again, then see if it appears in Add/Remove.

There has to be some info you haven't told us.

I can access Add/Remove but then can go no further. I can't remove AVG. It is the free version that she downloaded for the express purpose of getting rid of the worm. I tried downloading the programme again but it disappeared into the ether. It looks like AVG has the worm quarantined but I can't delete it. AVGs warning screen keeps popping up. I even ran a PC Cillin scan which turned up the presence of another small trojan horse virus which I removed. The fact that there was no worm shown in the PC Cilling scan indicates to me that the probs here are caused by the AVG programme with the worm in quarantine. It is frustrating.

 

[kiwiwolf]

Bump

 

[miles]

Try this:

Go to Start

Type msconfig

Press enter

Click on the Startup Tab

Tell me which Programs are checked off.


Definitely not a good idea to have two anti virus programs running. Remove PC Cillin.

Which music filesharing programs are on the computer? Do you download a lot of shareware/freeware/demos?

Also go here http://www.lavasoft.nu/, download Ad-Aware and run it to remove any spyware which can screw up your puter.

Do you have RegClean (part of windows)? If you do, run it.

I tried downloading the programme again but it disappeared into the ether.


Huh?

 

[kiwiwolf]

Try this:

Go to Start

Type msconfig

Press enter

Click on the Startup Tab

Tell me which Programs are checked off.


Definitely not a good idea to have two anti virus programs running. Remove PC Cillin.

Which music filesharing programs are on the computer? Do you download a lot of shareware/freeware/demos?

Also go here http://www.lavasoft.nu/, download Ad-Aware and run it to remove any spyware which can screw up your puter.

Do you have RegClean (part of windows)? If you do, run it.

I tried downloading the programme again but it disappeared into the ether.


Huh?

PC Cillin isn't installed on here. It is kjtatts machine and I ran the Housecall virus check online. She has no filesharing programmes, and no she has never downloaded freeware, shareware or demos. She doesn't have RegClean and the system won't allow us to even run msconfig. It keeps on coming up with the AVG Resident Shield with the virus description and location, then the message "Access to specified device, path, or file is denied."

When I redownloaded the AVG free programme the second time, the download went perfectly until I went to find and open the programme. It aint there. I ran find, tried exploring the programme files... every damned thing I could think of but it couldn't be found.

I need sleep then a bigger hammer to fix this damned thing.

 

[miles]

PC Cillin isn't installed on here. It is kjtatts machine and I ran the Housecall virus check online. She has no filesharing programmes, and no she has never downloaded freeware, shareware or demos. She doesn't have RegClean and the system won't allow us to even run msconfig. It keeps on coming up with the AVG Resident Shield with the virus description and location, then the message "Access to specified device, path, or file is denied."

When I redownloaded the AVG free programme the second time, the download went perfectly until I went to find and open the programme. It aint there. I ran find, tried exploring the programme files... every damned thing I could think of but it couldn't be found.

I need sleep then a bigger hammer to fix this damned thing.

It really sounds like the virus fucked up your PC. If you can afford $35, Microsoft provides per incident telephone support that's damn good. I've used it twice. Good luck.

 

[kiwiwolf]

It really sounds like the virus fucked up your PC. If you can afford $35, Microsoft provides per incident telephone support that's damn good. I've used it twice. Good luck.

Thanks for the help Miles. It's appreciated man. I might come back later today after I've had some sleep and try again. I'll try getting hold of Draco. kj and her hubby need this machine for their business so it's pretty vital it is up and running. Have a good day and Happy New Year in advance.

 

[Worm]

Those damn worms!!!

 

[fgarvb1]

At this point i would wait for WH or Draco.

I'd bet its going to take some DOS surgery and the start up disk if she doesn't have to wipe the hard drive and reload windows.

I also have had to call microsoft's money line however, i'm not sure they would get off into the middle of this.


Does she backup her files in some way?

I don't guess it would be as simple as using some kind of restore already program on her computer

 

[Debbie]

Thanks man. Draco actually built my system for me and it rocks. The problem is kjtatts system was the original one out of the Ark. I've sent out PMs but so far no answers.

The worm concerned is the Yaha worm if that helps at all but the real problem is getting rid of the AVG programme.

Yaha worm.

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_YAHA.E

Good luck kiwiwolf.

 

[Draco]

Kiwiwolf, Hi there, sorry I'm so late, but check your PM's and get KJ to phone me (numbers are in PM). I'll walk her thru a "safe mode" un-install and get her all back and running again

Cheers to all of you guys and girls for the rep....

Draco

 

[kiwiwolf]

Kiwiwolf, Hi there, sorry I'm so late, but check your PM's and get KJ to phone me (numbers are in PM). I'll walk her thru a "safe mode" un-install and get her all back and running again

Cheers to all of you guys and girls for the rep....

Draco

No probs mate! I'll text her and get her to ring you.

Hey and Happy New Year to ya buddy. League season soon.

 

[Guru]

 

[Guru]

 

[Draco]

OK, I have done some reading on this one, and now understand why you cant access Add/Remove Programs or Regedit. The sneaky little worm does some serious damage to the SHELL section of the Registry and stops the execution of a lot of files (namely EXE's). It required some DOS tinkering to fix.

Cut/Pasted from this Page @ Trend Micro:

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_YAHA.G

"Addressing Registry Shell Spawning

Registry shell spawning allows the malware (virus) to execute instead of the intended file when a user tries to run an EXE, PIF, COM, BAT, or HTA file."

Disclaimer: I will not post the actual registry fix here. If you want it, PM me. I will not be held responsible for any damage that Registry 'hacking' causes to any users system.

Draco
K C Computers & Laptops
Christchurch
New Zealand

I'll look forward to your/her call.

Happy (pissed, blind, smashed) New Year to you too buddy.