Hi,

I have turned my laptop on today and it has come up with a Threat Detected box. The file is a Trojan horse Hider.MPR.

Filepath is C:\Documents and Settings\---------\Local Settings\Temp\vrximntq.sys

(The ------ is my name)

The resident shield says that the "Object is inaccessible" so cant delete it. I started a full computer scan and it started then finished immediatley after scanning 0 files. The laptop wont connect to the wireless network connection (or if it does, it drops out straight away) and thus cannot update AVG.

I am using AVG Version 10.0.1392
Virus database version: 1520/3827

Any help will be very much appreciated. I looked at the "read before posting" thread about screenshots etc but as above, cant connect it to internet to upload.

The laptop is running windows XP Professional.

Thanks,

willxgu

UPDATE: The laptop now says it is connected to the wireless internet connection, but when i try to update AVG it keeps saying it was unable to connect with the update server.

AVG has now removed 9 Win32/Zbot.G from dll files (application data files for Java and spotify)

Hello willxgu,

please provide us with GMER scan results and Msinfo output to better analyze.

Thank you
___________________AVG TeamHow-To articles | FAQ

Dear moderators and manager,

Have a look @ this:

@ fahadhasin96

The 'update statement' was actually featuring in the original user willxgu thread posting even before Pokornyz posted!

---

AVG Free Volunteer ModeratorAVG Free Forum member since - Nov. 27, 2004My total posts on the Old AVG Free Forum - 27,063
Alan

---

How-To articles | FAQ

I am sorry....

I too have this problem. :(

The trojan re-appears after every reboot and has blocked internet traffic to the AVG sites and forums, and every other mainstream virus removal site. I managed to get out onto the internet by using a webproxy, but have so far failed to remove the trojan. The hosts file appears untouched, so it must be doing something in the registry.

Also the AVG Whole system scan, finishes after scanning no files at all. I have tried to alter the scan, but it always results in 0 files scanned.

Attached is a zip file of the gmer output, msinfo32 and the resident/scan csv files. Hopefully you can help me.

Thanks.

Hello yaquaholic,

The virus may be hiding in system volume infromation folder according to the analysis of attached logs. In order to successfully remove virus residing there, please follow this how to article.

Also please provide us also with Gmer anti-rootkit scan results so we can analyse the issue further.

Thank you.
___________________AVG TeamHow-To articles | FAQ | Free SupportWe Protect Us

Help..

I am having the same problem

when turning on my computer is comes up with a "windows command processor" promt, i try to cancel this but its keeps coming back up. When i select continue it comes up with threat found "trojan horse hider.mpr"
i have run numerous avg scans and downloaded your recommended malware sofware. i have also tried what has been said in this thread but nothing is working.

Any suggestions?

Hello brianfantana,

We need more information and data to suggest proper troubleshooting steps.

Please provide us with both Gmer scan results, Msinfo output and AVG Anti-Virus scan results for further analysis.¨

Thank you

EDIT BIG AL 43.. 'provide us' link amended.

---

AVG Team
How-To articles | FAQ | Free Support
We Protect Us

Computer not working? Laptop slowing down?
Let our AVG TechBuddy expert remotely fix it for you.
Find out more (US & Canada)

HI,

I've got the exact same problem as the initial post by willxgu

c:\Users\-----\AppData\Local\Temp\xawcwdxv.sys

see attached the msinfo file and anti-rootkit scan.

I could not start the autostart scan, even after following all the instructions.

Thanks for your help.