Well I tried this...
AVG Forums - How To Clean An Infected Computer?
Here's what it says to do...
At the first day I did that it started working...
At the second day I started getting crash windows...
The next week my computer is starting to slow down?
Now that I got AVG it says I have a trojan a week and 2 days after that. Whats going on? Did I delete a security program?
Here's the thing I deleted:
C:\Windows\System32\drivers\gxvxcttwqpxcctxtbiqqbgilpidyndmyxtmhr.sys (something like that)
If that's a security risk please tell AVG to take down that forum now because it crashes my computer whenever I get 160 FPS while playing games.
AVG Forums - How To Clean An Infected Computer?
Here's what it says to do...
Code:
[COLOR=red][B]Remember to be careful - Use These Steps At Your Own Risk.[/B][/COLOR]
- Download the Gmer utility from this website:
[url=http://www.gmer.net/]GMER - Rootkit Detector and Remover[/url]
- Extract it and then rename the GMER.EXE file to other name (if an archive was downloaded)
- Run GMER
( by renaming GMER.EXE to another filename, a malware rootkit can't hide as easily from it )
If the first quick scan has found a rootkit service:
Example:
Service system32\drivers\gxvxcvpbvtumncstfvticowxrierpmyrdhrpp.sys (*** hidden *** ) gxvxcserv.sys <-- ROOTKIT !!!
- Then choose the ">>>" tab and then the "Services" tab
- Find the service(s) labeled in red, right-click on them and then choose disable/delete
- restart computer and run Gmer again
If the first quick scan found nothing, please use the "Scan" button to start a full scan.
If the following lines are shown in the scan results:
.text ntoskrnl.exe!IofCallDriver
.text ntoskrnl.exe!IofCompleteRequest
- stop the test, then right-click on them and choose "Restore code"
- close and re-run Gmer again
If there is some similar line(s) shown (with the ROOTKIT mark) in the scan
result:
File
C:\Windows\System32\drivers\gxvxcttwqpxcctxtbiqqbgilpidyndmyxtmhr.sys 46592 bytes executable <-- ROOTKIT !!!
- choose the ">>>" tab and then select the "Files" tab
- in the file manager find and then highlight the file(s) and the click the "Delete" button ( you probably should backup the file first by using the "Copy" button to back up the files first just to be on the safe side ) then remove them using the "Delete" button.
- restart computer and run Gmer again
If some rootkit service is detected again and again after following the above steps, or it is not possible to delete it from within Gmer (the Delete option is grayed-out), please follow these steps:
- open Registry Editor (menu Start -> Run -> enter "regedit" and confirm OK)
- find this key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
- find the mentioned rootkit service name in the list, right-click on it and choose "Permissions"
- click on "Add" button, in the form enter "Everyone" and click "Check Names"
- confirm the changes by clicking OK, OK...
- now it should be possible to right-click on mentioned service and choose "Delete"
- restart computer and run Gmer again
If the rootkit is still not removed or you have some other suspicions, please provide us with the Gmer scan output:
- after the testing is finished, click the "Save" buttonAt the first day I did that it started working...
At the second day I started getting crash windows...
The next week my computer is starting to slow down?
Now that I got AVG it says I have a trojan a week and 2 days after that. Whats going on? Did I delete a security program?
Here's the thing I deleted:
C:\Windows\System32\drivers\gxvxcttwqpxcctxtbiqqbgilpidyndmyxtmhr.sys (something like that)
If that's a security risk please tell AVG to take down that forum now because it crashes my computer whenever I get 160 FPS while playing games.
