AVG not updating

Client has a Vista PC without SP1 of Vista
AVG tries but cannot find server when updating.
Problem is that the DNS system has been modified to use 85.255.112.74;85.255.112.191
If you remove these DNS servers they will show up again.
If you add a new DNS server, the screen will show 85.255.112.74;85.255.112.191 before you have a chance to type the IP address.
If you edit the registry you can find these fake DNS addresses in multiple interfaces:
HKLM\System\CurrentControlset\Services\Tcpip\Parameters\Interfaces\
HKLM\System\Controlset001\Services\Tcpip\Parameters\Interfaces\{63DDBD03-....}
DhcpNameServer 85.255.112.74;85.255.112.191
NameServer 85.255.112.74;85.255.112.191
Tried removing these from the registry
however ipconfig /all
shows these 85.255.112.74 DNS Servers still there.
Tried installing Windows Vista Service Pack 1
now am able to remove the DNS Servers 85.255.112.74;85.255.112.191
Tried running AVG Anti-Rootkit scan
found a hidden driver called a16ofwn5.sys in c:\windows\System32\Drivers folder
When I tried to remove the above rootkit at the end of the AVG rootkit scan, it would not remove; had access denied.
Also, as the PC starts up after logging in, I get this error from AVG:
Unspecific error occured in AVG
Would you like to send diagnostic data to the AVG Technical support department for further analysis
Click Yes
I restarted the laptop and did another root-kit scan
this time the root-kit was called amiy9lry.sys in c:\windows\System32\Drivers folder
next re-boot and root-kit scan gave
a9sg42hc.SYS
a834cj66.SYS
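
A way to audit every interface for the DNS change described above, as an added example that is not part of the original post. It parses the text printed by `reg query HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces /s` and reports any NameServer or DhcpNameServer entry outside an allow-list; the allow-list address, the function name and the interface GUIDs in the sample are assumptions made for illustration.

```python
import ipaddress
import re

# Assumption: the only resolver this LAN should hand out. Edit for your site.
EXPECTED_RESOLVERS = {"192.168.1.1"}
DNS_VALUES = {"nameserver", "dhcpnameserver"}

# Constructed sample in the layout printed by `reg query ... /s`.
# The interface GUIDs are placeholders, not values from the post.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{00000000-0000-0000-0000-000000000001}
    EnableDHCP    REG_DWORD    0x1
    DhcpNameServer    REG_SZ    85.255.112.74 85.255.112.191
    NameServer    REG_SZ    85.255.112.74,85.255.112.191

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{00000000-0000-0000-0000-000000000002}
    DhcpNameServer    REG_SZ    192.168.1.1
    NameServer    REG_SZ
"""


def find_unexpected_dns(reg_output, expected=EXPECTED_RESOLVERS):
    """Return (key, value_name, ip) for every resolver not in `expected`."""
    findings = []
    key = None
    for line in reg_output.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()  # start of a new interface subkey
            continue
        # Value lines look like: "    Name    REG_SZ    data"
        parts = re.split(r"\s{4,}", line.strip(), maxsplit=2)
        if key is None or len(parts) < 3 or parts[0].lower() not in DNS_VALUES:
            continue
        # Entries may be separated by spaces, commas or semicolons.
        for token in re.split(r"[;,\s]+", parts[2].strip()):
            try:
                ip = str(ipaddress.ip_address(token))
            except ValueError:
                continue  # empty or not an IP address
            if ip not in expected:
                findings.append((key, parts[0], ip))
    return findings


if __name__ == "__main__":
    for key, name, ip in find_unexpected_dns(SAMPLE):
        print(f"{name} = {ip}  in  {key}")
```

Run the same query against ControlSet001 as well, since the post found the entries under both control sets. In the post the entries came back after being removed, so a clean result only counts if it stays clean after a reboot.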