Now that you’ve told us about the Trojan Flooder threat, is there any way to fix it?
There sure is and I’m glad you asked. It was only yesterday that I shared the news with all of you about the Trojan Flooder.AKE risk (see yesterday’s quick tip) and already, several of you have e-mailed me, asking me how you can fix it. I had planned on following up with this information, but now I know there is a great need for it, so I won’t waste any more time!
Before I begin with that, I just want to fill in anyone else who has not heard about this yet. You can certainly go back and read yesterday’s quick tip for the whole scoop, but just briefly, the Trojan Flooder is a threat that is affecting a lot of AVG antivirus users. They are being tricked into “healing” their computer for good, but are ending up with a harmful exploit on their computer instead.
If you are an AVG user and have come in contact with this Trojan, it is extremely important to fix it right away. So, here are a couple of suggestions that I was able to find for this. Hopefully, at least one of them will work for you.
1.) First, boot your computer into Safe Mode. To do this, turn your computer off and then restart it while pressing the F8 key continuously until the Safe Mode startup menu appears. From there, choose Windows in Safe Mode.
Next, you’re going to uninstall your AVG service. Go to Start, Control Panel, Add/Remove Programs. Find its applet and click the Remove button. When that’s done, restart your computer and then reinstall the AVG program and do an immediate update on it. That should take care of the Trojan and all of its components. If not, try the second suggestion below.
2.) Again, boot your computer into Safe Mode. (Follow the same directions listed above to do this.) Once there, choose Windows in Safe Mode.
From there, open the C:\WINDOWS\system32\drivers\ folder. (Double click on the My Computer icon on your desktop, double click the C: drive and continue from there.) Next, you’ll need to find a couple of files. Change them as follows:
Change AVGCLEAN.SYS to AVGCLEAN.SY_ and change AVGRSXP.SYS to AVGRSXP.SY_. This will help keep the winlogon.exe file in place like it should be.
Now, the next part involves using the Registry Editor. There is always a risk with working in the Registry. If you make a mistake, it could alter other parts of your computer, so if you’re not 100 percent sure you know what you’re doing, please find someone who does. It’s very important!
When you’re ready, go to Start, Run, type in “regedit” and click OK. Once there, find the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgClean. Now, remove the “__delete” value from the right window pane. Then restart your computer back in the normal Windows mode.
You should also make sure you update AVG to the latest virus base version. To do that, open the AVG program or the AVG Control Center. Then press F9 to get the current updates. Once you’re all set with that, you have to go back and rename the same files you changed earlier. Find the C:\WINDOWS\system32\drivers\ folder again and change the following files.
Change AVGCLEAN.SY_ back to AVGCLEAN.SYS and change AVGRSXP.SY_ back to AVGRSXP.SYS.
Once you have that done, you need to restart your computer again and then just make sure the AVG Resident shield loads again. This will keep you the safest. Well, there you go. Hopefully one of those suggestions will work for you and you can be rid of the Trojan Flooder for good. You can’t beat that!
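To see which stage of the second suggestion a machine is in, here is a read-only PowerShell check, added as an example and not part of the original tip. It reports whether each driver file is under its .SYS or .SY_ name and whether the “__delete” value is still present. It assumes PowerShell is installed; the function names are hypothetical, while the folder, file names, registry key and value name are the ones given in the steps above.

```powershell
# Added example: read-only status check for the manual procedure above.
# It changes nothing; it only reports what it finds.
# Folder, file names, key and value name are taken from the article's steps.
$driversDir = 'C:\WINDOWS\system32\drivers'
$serviceKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\AvgClean'
$drivers    = 'AVGCLEAN', 'AVGRSXP'

# Hypothetical helper: report which name a driver file currently has.
function Get-DriverState {
    param([string]$Dir, [string]$BaseName)
    $active  = Test-Path -LiteralPath (Join-Path $Dir "$BaseName.SYS")
    $renamed = Test-Path -LiteralPath (Join-Path $Dir "$BaseName.SY_")
    if ($active -and $renamed) { 'both .SYS and .SY_ present (check manually)' }
    elseif ($active)           { 'active (.SYS)' }
    elseif ($renamed)          { 'renamed (.SY_)' }
    else                       { 'missing' }
}

# Hypothetical helper: $null if the key is absent, otherwise $true/$false
# for whether a value named "__delete" exists under it.
function Test-DeleteValue {
    param([string]$Key)
    if (-not (Test-Path -LiteralPath $Key)) { return $null }
    (Get-Item -LiteralPath $Key).GetValueNames() -contains '__delete'
}

foreach ($d in $drivers) {
    '{0,-10} {1}' -f $d, (Get-DriverState -Dir $driversDir -BaseName $d)
}

$flag = Test-DeleteValue -Key $serviceKey
if ($null -eq $flag) {
    'AvgClean service key not found'
} elseif ($flag) {
    '"__delete" value still present under AvgClean'
} else {
    '"__delete" value not present under AvgClean'
}
```

After the final restart, both drivers should show as active (.SYS) and the “__delete” value should not be present.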