Hello Zbynek, thanks for your help! I downloaded and ran Gmer (renamed to tool.exe) three times.
The first time Gmer generated as last entry "AttachedDevice \Driver\Tcpip\Devidce\Tcp" and then a window came "In tool.exe an error occurred and has to be closed.". I saved a screen shot called Gmer first run.JPG, to be uploaded to you with AVG_Uploader_Pro_en.exe.
The second time Gmer got further, until scanning my files, generating as last entry "c:\windows\application data.…" and then a blue screen of death appeared, no screen shot could be saved.
So the third time I ran Gmer first with only System until Registry checked, Files unchecked (it crashes there) and generated the file Gmer third run.log. I was surfing the Internet using Seamonkey concurrently, therefore all the Seamonkey-entries.
Then I ran Gmer with System until Registry unchecked and only Files checked. The last screen I could save before the blue screen of death appeared is saved onder the name Gmer third run.jpg.
To get a full Gmer report I followed your instructions on http://support.avg.com/SupportArticleView?urlname=GMER-Scan-Result and ran Gmer 1.0.14. The buttons of this program cannot be clicked anymore once one resizes this window (can you repair this?) but running it and not resizing it, it completes (a lot faster than the orginal Gmer) and the output is saved at Gmer114.log.
To save the Scan report of AVG following your instructions at http://support.avg.com/SupportArticleView?urlname=AVG-scan-result-export was first impossible since the scan was hanging (there were no scan results to double click). So I chose Options, History, Scan results, double clicked the last result I was able to interrput before it hanged and saved it as avg scan result.csv
Then I uploaded to you Gmer first run.JPG, Gmer third run.log, Gmer third run.jpg, Gmer 114.log and avg scan result.csv. It is saved under the name jgamleus@dds.nl_20101116.7z
What should I do now? AVG is still hanging scanning my processes.
Thanks for your help!
Han
Hello Zbynek, thanks for your help. It was not possible for me to write a cd on my infected laptop, I think because of the virus, so I made the AVG rescue cd on someone else's.
Now I have a 8 Mbps Internet connection, but the AVG rescue cd downloads the virus updates from the Internet at an incredibly low speed, it takes hours to get one of several files. Can something be done about that?
I saw in the AVG rescue cd menu that updates can also be downloaded to hard disk and loaded from hard-disc off-line. I found the page Download Free Antivirus Software for PC | AVG Virus Protection and downloaded under Windows at normal speed all 7 available files to c:/ but when read from c:/ with AVG rescue disc I got 'update failed: update was cancelled'. What should I do?
Thanks for answering the two questions.
Han
Hello Zbynek, thanks for your help! I downloaded and ran Gmer (renamed to tool.exe) three times.
The first time Gmer generated as last entry "AttachedDevice \Driver\Tcpip\Devidce\Tcp" and then a window came "In tool.exe an error occurred and has to be closed.". I saved a screen shot called Gmer first run.JPG, to be uploaded to you with AVG_Uploader_Pro_en.exe.
The second time Gmer got further, until scanning my files, generating as last entry "c:\windows\application data.…" and then a blue screen of death appeared, no screen shot could be saved.
So the third time I ran Gmer first with only System until Registry checked, Files unchecked (it crashes there) and generated the file Gmer third run.log. I was surfing the Internet using Seamonkey concurrently, therefore all the Seamonkey-entries.
Then I ran Gmer with System until Registry unchecked and only Files checked. The last screen I could save before the blue screen of death appeared is saved onder the name Gmer third run.jpg.
To get a full Gmer report I followed your instructions on http://support.avg.com/SupportArticleView?urlname=GMER-Scan-Result and ran Gmer 1.0.14. The buttons of this program cannot be clicked anymore once one resizes this window (can you repair this?) but running it and not resizing it, it completes (a lot faster than the orginal Gmer) and the output is saved at Gmer114.log.
To save the Scan report of AVG following your instructions at http://support.avg.com/SupportArticleView?urlname=AVG-scan-result-export was first impossible since the scan was hanging (there were no scan results to double click). So I chose Options, History, Scan results, double clicked the last result I was able to interrput before it hanged and saved it as avg scan result.csv
Then I uploaded to you Gmer first run.JPG, Gmer third run.log, Gmer third run.jpg, Gmer 114.log and avg scan result.csv. It is saved under the name jgamleus@dds.nl_20101116.7z
What should I do now? AVG is still hanging scanning my processes.
Thanks for your help!
Han
Hi Han,
For help on your issue please refer to this article.
Thanks
Hello, my AVG hangs on scanning the process c:\windows\system32\csrss.exe. Running online virusscanners gives similar resutls, installing a host of other virus removal tools is blocked during the installation process. What should I do? Thanks so much for your help.
(posted three postings with Sysinfo, third posting there is the same as below)
Dear Zbynek and technicians from AVG
The problem is solved. I have been swapping hard discs lately from 3 Compaq Evo N1020v's and 1 Compaq Evo N1005v I possess. I just swapped the hard disc of the N1005v, where AVG did not come beyond scanning the csrss process, with the hard disc of a N1020v, where it passes that process. Result? While the AVG's were now scanning entirely different discs, the N1005 still did not come beyond that csrss process, while the N1020v still passed it… (And my "faulty" hard disc was not faulty at all! Hence the zero infections)
So the passing of the process is not determined by the hard disc, but by the computer! Perhaps you can explain it. There is a slightly different processor in the two types of computer. And one type of computer has USB 1.1 ports, while the other has USB 2.0, I discovered. Perhaps a processor cannot come beyond certain data generated by another processor?
Earlier, I made the "faulty" disc, with all my files on it, on a N1020V, of which the hardware broke down, and inserted then the disc in a working N1005V, and did not experience any problems until the hanging on csrss. I still wonder why the other hard disc now does not come beyond that process. I guess it came from another N1020v and I have to rotate the discs until the original N1005 disc is in the N1005v laptop? Then the rule would be never switch hard discs of (slightly) different models, only the same model?
The website www.toolslib.net with Adwcleaner still cannot be reached by IE and still can by Mozilla browsers. So this only looked suspicious, but is intended and normal?
Hope to hear the good explanation and recommendation from you.
Thank you for all the help so far. If you had not provided GMER and the updated ARL that produced finally zero infections, I wouldn't have been this far.
Han Leushuis.
Hi Han,
For help on your issue please refer to this article.
Thanks
Hi Han,
If I understand it well you switched hard drive with installed system on it from different PC? If so that might be issue you can't use system installed in different PC without any issues.
Thanks
Hi Han,
In order to analyze it please provide us with GMER and AVG scan result export.
Thanks