Steve said:
I have the above proccess running. (avserve2.exe) I have no idea what
it is or what it does, but it is taking up a ton of CPU time, and
goes mad when ever I am on the internet. I can end the process by
selecting ctr alt delete, but it reappears every time I boot my
system. I would like to delete this file, but I can not find it
anywhere. This only started this morning. Can anyone help with this
Congratulations! You have a virus!
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.worm.html
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.b.worm.html
There are removal instructions there for both versions
(including tools to help you.)
Know that even if you have the normal updates for Norton, the definitions
for "B" were added on May 1. You can go to Symantec's site and get the
manual update if you like.
If it starts to shutdown on you, click Start > Run, and enter "shutdown -a".
(no quotes.) That will stop the shutdown and let you continue fixing.
Note that Microsoft is not sending you patches in emails nor should you EVER
open attachments you did not expect in emails.
My other suggestions to you include:
Please Notice that if you use AOL, you should at least upgrade to 9.0 or
greater before doing any of the fixes. I know you can get AOL 9.0 at almost
any convenience store, gas station, super market or other retail outlet in
the world, so this should not be a problem.
Turn on that firewall...
http://www.microsoft.com/WindowsXP/home/using/howto/homenet/icf.asp
(It has been reported that it now works with AOL 9.0+)
Make sure you have all the updates (critical) installed from:
http://windowsupdate.microsoft.com/
(Scan for updates, Review and Install)
Get rid of the spy/ad/mal-ware..
(Yes - using MORE than one of these..
I recommend at least the first three. Also..
UPDATE the definitions for them before using.)
Spybot Search and Destroy
http://www.safer-networking.net/
Lavasoft AdAware
http://www.lavasoft.de
CWSShredder
http://www.spywareinfo.com/~merijn/downloads.html
Hijack This!
http://mjc1.com/mirror/hjt/
I also like "The Cleaner" and "SpywareBlaster" and "SpywareGuard".
-
http://www.moosoft.com/
-
http://www.javacoolsoftware.com/
The first is a PAY product, but useable for 30 days - it has found and
eliminated problems in the past the others did not. The latter two are
prevention mechanisms. I like SpywareGuard for those with enough processor
to have something running like antivirus software - and it prevents browser
hijacking quite well. SpywareBlaster is a FANTASTIC free product, I suggest
getting this after you cleanup and keeping it updated as well....
And Assortment of Others:
http://spywareinfo.com/
ALSO - Be sure to IMMUNIZE after you clean up. SpywareBlaster and Spybot
Search and destroy both have these features - use both!
After you cleanup your PC somewhat of spy/ad/mal-ware, verify your antivirus
software is updated and run a full scan of your computer. If you have no
antivirus software - get one NOW! Grisoft AntiVirus:
http://www.grisoft.com/us/us_dwnl_free.php
Empty your Temporary Internet Files and shrink the size it stores to about
80 to 120MB (seems to be an optimal size for the normal user)
- Open ONE copy of Internet Explorer.
- Select TOOLS -> Internet Options.
- Under the General tab in the "Temporary Internet Files" section,
do the following:
- Click on "Delete Cookies" (click OK)
- Click on "Settings" and change the
"Amount of disk space to use:" to something between 80MB
and 120MB. (Betting it is MUCH larger right now.)
- Click OK.
- Click on "Delete Files" and select to
"Delete all offline contents" (the checkbox) and click
OK. (If you had a LOT, this could take 2-10 minutes or
more.)
- Once it is done, click OK, close Internet Explorer
- Re-open Internet Explorer.
Uninstall any software you do not use often/ever. (If you have something
installed but never use it, uninstall it.) If you go through Control
Panel -> Add/Remove Programs and see things you seldom if ever use, it is to
your advantage to remove it.
Also, if you are tired of Web Page Pop-Ups/Unders.. You could try the
Google Toolbar.
http://toolbar.google.com/
Stop loading applications at logon.. run MSCONFIG and look under the startup
tab for things you DON'T want to startup! Search the Internet with Google
to discover what things are safe to remove and what things may even be
malware infecting your computer.
Better control your email and lessen the amount of time you spend dealing
with SPAM:
SpamBayes
http://sourceforge.net/projects/spambayes/
or
Spamihilator.
http://www.spamihilator.com