AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please!

Hello!

I have read your manual what should I do with the virus or malware. I scanned it with ccleaner, spybot, and now finally I did the scan with AVG Anti - spyware.
First of all, AVG antivirus says that it's a virus and it cannot be deleted or moved to virus vault. AVG anti - spyware found out that it is a Trojan and I was able to move it to quarantine.

My question is, how and what should I do next? I want to delete this file, because I think it's not good to be it in quarantine.

Thanks,
Lauri

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Also I found out that bitsprx.dll works under my IE....Should I uninstall it and then update it to the latest version again?

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

So I'll upload some files to you to check them.
http://forums.majorgeeks.com/attachment.php?attachmentid=79111&d=1199011539
http://forums.majorgeeks.com/attachment.php?attachmentid=79110&d=1199011539

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Also I have scanned my computer with VundoFix V6.7.7 and it shows nothing. But still I am getting the message that bitsprx.dll is infected with Trojan.

Any Ideas?

 

Re: AVG says virus bitsprx.dll - Urgent help please

So what else did i found out. I found out that bitsprx.dll is in two places in the windows registry (HKEY_CLASSES_ROOT and HKEY_CLASSES_MACHINE)
in the directories of CLSID and there you can find bitsprx.dll file. You cannot delete them. I wonder that in the safe mode those registry keys aren't written to there so that malware must be written in the startup of Windows.
I couldn't locate any suspicious .exe files in the msconfig, services.msc and Task Manager.

Also I found out that every time i open IE browser, it shows that viruse hault message that virus found bla bla blaa....

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Hi lauri143!
Welcome to Major Geeks!

In order to help the most people in the shortest amount of time, we try to do things in a methodical way. First I need to ask you if the links you posted in post #3 are live links to malware?

Secondly, in order to be of any use to you at all, we need to see the logs we requested in the READ & RUN ME FIRST

It is very rare for one virus to be alone. If you want us to help you, please complete the instructions and post the combofix, avg-antispyware (if there is one) and MGlogs.zip logs to us.

Thanks!
abri

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Hello abri!

No, these link i posted in the 3rd post are not malware. I just could not attach files to this post like there was written in the manual... So I just copied the link location from my user interface. There are 2 files:
1) ComboFix.txt
2) MGlogs.zip

So if you have read all my 5 or 6 posts then you can understand what's my problem. I just can't get rid of that bitsprx.dll file which is connected somehow to the IE (Browser Helper Object) - it cannot be removed any of these programs....

PS! Now I got this attachment correctly to work. The problem was that it didn't identify files from my memory stick. It wanted to have files in the local computer.

Waiting for a response!

Best wishes,
Lauri

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Also this bitsprx.dll is called as a Trojan.BHO.abo file....

Any luck with my files with that previous post?:confused

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Hello?
Is anyone dealing with my problem too?

I attached the 3 files you wanted, but as I see, no-one hasn't clicked it yet...0 views....:cry

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Hello and thank you for your reply.

Now I know that I shouldn't done that. Just the problem was that I found out myself something and wanted to write it to here too that you guys can fix the problem out quicklier.

So the avenger deletion did not help. Also I wasn't able to delete those files manually nor in Safe Mode.

So I attached new MGLogs.zip and avenger.txt files. Both of these didn't help me at all...

PS! I tried to log in with a different user and used a FTP client to log in with this Terri account. It also didn't help.

Any other solutions?


Regards,
Lauri

 

Re: AVG says virus bitsprx.dll - Urgent help please

hi chaslang,

I did what you have told me to do. This virus is very annoying. After running the HJK and I pressed Fix - the virus came to my screen with a window (virus found - bitsprx.dll. It says AVG antivirus).

Did I got you right that I had to put the CFscript.txt file on the top of ComboFix (just to drag it there?). The log file didn't find any infections.

Btw...I have a solution maybe - If I try to boot this computer with a Linux Live CD, so I could maybe delete those files manually from Linux?

I have restarted this laptop and nothing really happened. It is in the same phase as it was yesterday. It is getting me this AVG Threat detection windows - bitsprx.dll found.

You wanted 2 files, so there they are

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Hi Laurie!

Please do the following:

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Please let me know if you get a success message with this. If so, post a fresh MGlogs.zip

abri

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Hello abri,

It didn't work...

I got an error message

Cannot import fixme.reg: The specified file is not a registry script. You can only import binary registry files from within the registry editor.

Any other solutions? I think that if I can't get rid of that virus the only way to get rid of it is to format...:cry
=============================================

NB! I sent you a private message of this post. I was able to delete the registry key with this fixme.reg file.

I ran a GetLogs.bat and will post a new MGLogs.zip here...

And btw I still see it in my registry...the same key I just deleted...:S

Thanks,
Lauri

 

Re: AVG says virus bitsprx.dll - Urgent help please

So I went over your steps again. Still didn't find any infections.

Here are 2 files, ComboFix.txt and MGlogs.zip

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Hi laurie!

I would like for you to try the following:

Please go to the link below and download the free 30-day trial version of Kaspersky Antivirus. Download the installation program but do not install the program yet. First disconnect your computer from the internet completely and then uninstall AVG Antivirus via add/remove programs. After uninstalling AVG Antivirus, reboot your computer, but do not connect to the internet again. First install the Kaspersky Antivirus trial version and then allow it to scan your computer. Have it quarantine or delete anything it finds.

Kaspersky Antivirus Trial

abri

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Hello!

I scanned with Kaspersky and it didn't find that bitsprx.dll is a virus. So my question is, what is it then? It's not a windows system file.

bitsprx.dll ; status - "OK" ; Reason - iSwift....

So there was no virus?:S

Detected:
deleted: virus Virus.Win32.Agent.aa File: C:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP54\A0017957.exe

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Omg...That's a piss *** reason that none of the fixes helped me =/
So, i think ComboFix and that CFscript.txt helped me a lot here.

Here you go the log and txt files.

PS! Should I run HJK also for a complete scan?

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Ok! I did that. I turned the clock back to right date.

But I still have infections. I run a full Kaspersky scan and it shows that some viruses found in C:\System Volume Information and some are in my documents...

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Hi laurie,
did you have Kaspersky fix whatever it found?
abri

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Yes I ran a complete scan. It found some Win32 Trojan-s and I deleted them. But one virus I cannot delete, the one which is located in the "C:\System Volume Information\"

I deleted the catalogue manually, but it keeps coming back and Kaspersky is reporting every time i reboot that, there is a virus when I scan the catalogue.

Any solutions for that?

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

What catalogue?

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

System Volume Information is common only computers which have installed Windows with Win XP SP1 CD.

C:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP3 <---there is the virus... those RP1 - RP5 are kind a scary folders...

Any solutions?

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Yes. Do NOT try to delete these files manually. This can cause big problems. Your computer logs are clean. What you are seeing are the Restore Points which we asked you to keep on your computer until we finished with the cleaning instructions. The restore points can be cleaned now by following our final cleanup instructions which were posted to you by Chaslang in post #22. When you follow the final instructions Chaslang posted there, you will see in step 10 that he has asked you to turn off System Restore (as per the instructions), then to Reboot your computer, and finally turn System Restore back on. When you do this, all your previous restore points will be removed and a clean one will be set. Since Kaspersky did not find anything else, I recommend you do this.

Afterwards Kaspersky should not find anything further and you can un-install it via add/remove programs. Be sure to uninstall it only when you are sure you have the installation file for AVG where you can find it. After this, disconnect from the internet, and remove the trial version of Kaspersky via add/remove programs. Reinstall AVG Antivirus and re-connect to the internet.

It is very important while your computer is in this clean stage, that you go to Windows Updates and download all those updates you are missing. ONLY do this after you have set a clean restore point. In this way, if any of the updates cause problems for you, you can return to this one clean restore point.

Thanks.
abri

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Hi abri,

Thanks again for your help. I removed all files reading chaslangs post...So there are no combofix and MGlogs and etc, but...
Now there is an icon next to MSN Live messenger - a black square. This isn't good at all...

Any solutions for that? But the computer itself works well now.'

Regards,
Lauri

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Can you get us a screen shot of that?

 

Re: AVG says virus bitsprx.dll (also bitsprx2.dll, bitsprx3.dll) - Urgent help please

Sure, i will post that tomorrow. The laptop is at work. I can go there tomorrow

I'll post it here then!