Avira PE classic found Gen trojan

Things started going haywire I could not access my hallmark card program it says application failed to start b/c MSVCR 70.dll was not found reinstall may help I went to add/remove and it wouldnot let me remove.
I came here and started do before posting and I got to remove 2 ole sunjava in add and remove programs and it saysWindows installer service could not be accessed this can occur if you are running windows in safe mode (which I am not) or if not correctly installed.

I continued on to try to do what I could reset the msconfig after restart I got the message Messenger Plus has not been properly installed please download and install.

when I tried to install super anti spy it says the same as above about the windows installer not being properly installed.
please advise me what to do.
the last time I got help yall had to help me with the windows installer but I have not had a minutes trouble until this trojan gen showed up
thanks in advance
stephanie

 

Hey Tim,
Thank you for your time. I unistalled Messenger Plus a good while back I had trouble with zone alarm uninstalled it and followed a posting here then which also caused a problem with windows installer we also got that fixed here too or so I thought. when I went in on the run and read me first step and checked the ms config is when the messenger plus message showed up. I did get the mgtools to run though and attached log I hope. I have tried again to remove the old versions of java and add and remove still will not let me. Avira again popped up HTML/Crypted Gen now it will not let me quarentine it jumps back to deny.

 

Hey Tim,
Just the same as the other day I went to add and remove programs click on the appropriate program
Java(TM) SE Runtime Environment 6 Update 1
J2SE Runtime Environment 5.0 Update 6

and I still get the message below

I got to remove 2 old sunjava in add and remove programs and it says "Windows installer service could not be accessed this can occur if you are running windows in safe mode (which I am not) or if not correctly installed"

I did get windows messenger removed with the assigned program or it appeared to work properly.

I did not proceed with the rest of your fix until I have your permission since I could not remove the above Java programs I thought that might created more problems.

As of this posting I could not get the Avira to pop up the warning again but a box comes up and says avira has detected " HTML/Crypted Gen "
what do you want to do it gives 4 choices I think the deny choice is already ticked and if you tick the quarentine choice it automaticly goes back to the deny choice.

Thanks
Steph

 

Tim
The SAS still will not run it continues to give me "Windows installer service could not be accessed this can occur if you are running windows in safe mode (which I am not) or if not correctly installed" message. I did however get the MWB to run and I did the fix without problems. MGtoolls log also.:confused

 

Tim,
I am sorry for that I meant I did the fix you had listed, but I rescanned and clicked the MWB fix also and redid MGtools. Still cannot do the SAS.

 

Tim
the windows installer cleanup gives the same message as the others, "Windows installer service could not be accessed this can occur if you are running windows in safe mode (which I am not) or if not correctly installed. whether I try to run or install. I only see one thing obviously different from before but when I log out and back on I get a screen with two little strange carictures in an odd looking language you click on it and it goes away and of course the issue with the windows installer started when this stuff showed up. :cry

 

Tim,
After I posted the above I thought I really don't know what problems I still may have so I again tried SAS would not run but Spybot Search and Destroy did run and found My Way. My Web. Combo Fix also ran this time like it should I think I will attach the combofix log. The main thing i notice now is that add and remove programs still will not work and gives that notice about Windows installer. I have a Hallmark card program that I use quite a bit also it quit working when this stuff started showing up it gives the message " application failed to start because MSVCR 70.dll was not found reinstall may help but when you go to add and remove it gives the windows installer message too.

 

Tim,
I think I did all that you asked without a problem just now the updates for xp 3 came up, but the add and remove programs still does not work nor the other has not changed do I need to post a log or something?
stephanie

 

One thing did start to work now after definitions update Adaware se Personal log attached.
Thanks again for all your help
Stephanie

 

Tim
I still seem to be having the unusable Hallmark program, add and remove programs not working, some windows updates seem not to be installing.The computer is running faster.I got a success message after merging.

 

Tim
bitdefender scan reports no problems :-D

 

Tim,
I left SAS and hope when every thing is done it will work and if it does I will run and use it. We did not use pocket kill box this time but I do have an old log file in c:\ should I just delete it?
I uninstalled combofix.
Add and remove programs says no hijack this.
deleted MGlogs ect
microsoft updates has some that fail over and over.
windows installer error still comes up some times with error 1719.
add and remove still does not remove java and other things.
system restore turned off and on new restore point created.
will try to work through the thread.
Do you think the paid versionof RegCure would cause me these problems? I got it back in january it scanned yesterday on its on and is giving some errors that I did not let it fix until I came back here.

thanks again
steph

 

Tim
Thank you very much for all your help. I will visit the soft ware forum for my other problems. I have been coming here for years now and you folks are the greatest in my book:cool

Steph