Good day.
AVG identifies Agent3.ATLI infection on my HP box running Windows 7 Premium OS.
I receive messages similar to "system32\wuauclt.exe (2548):\memory_00010000". Many other EXEs are affected in the same manner.

All attempts to clear are unsuccessful: I tried normal AVG full scan, AVG rescue CD with latest updates (I ran almost all updates that were made available in the past 3 days).

Unfortunately, an update from 12/31/2011 at 7:33 AM was fatal to the system - I was not able to reboot it after running that update. Finally, the system was "kind" enough to offer me a choice of a "safe" reboot. And that, somehow, self-fixed the reboot issue. Agent3.ATLI still exists.

Another unfortunate fact I face is that all of my backups were made with the infection present in the system. I have to restore the system to the factory image now. Darn!

Any ideas on how to clear the virus off of my PC before I start that horrible rollback?
Appreciate the soonest response.

Thank you.

Here's what I have:
Windows 7 on an HP desktop box
AVG 2012 - Free edition 2012.0.1901, DB - 2109/4717
No other antivirus software installed

@ munhausen

Please provide us with Gmer scan results Msinfo output and AVG Anti-virus scan results for further analysis.

---

AVG Free Volunteer ModeratorAVG Free Forum member since - Nov. 27, 2004My total posts on the Old AVG Free Forum - 27,063
Alan

---

How-To Articles | FAQ | Free Support

here it is. Thank you!

P.S Autostart->scan on GMER tool produced no results.

Hello munhausen,

Can you please confirm that drive J with size of 100MB is legitimate (created by you or system backup)?

Please run AVG Anti-Rootkit scan, reboot the computer and run AVG Anti-Rootkit scan again and provide us with results.

You may also follow this thread how the other user was able to deal with similar infection.

If you have any questions or if you need any assistance please feel free to ask here on forums.

Thank you.
___________________AVG TeamHow-To articles | FAQ | Free SupportWe Protect Us