Possible Virus and security problems - Win32/PowerRegScheduler
Operating program: XP Home editionModel: Samsung N140Issue: Security problems and possible virus infection hi,I'm sorry I don't really have a great understanding of computer viruses so I'm not sure what information is relevant. I think most of the following suggests a virus infection:I recently updated my free version of AVG Anti-virus Free to the new 2011 edition. During the installation it encountered some error ( I can't remember the details, possibly missing dll files) so I decided to cancel, restart my laptop and try again. When my laptop starting loading up it said that there had been a problem a windows had started a disk check on the C Drive. It came out clear and so I booted up and installed the AVG software. This seems to be the point at which the following problems started. It may have been unrelated but it seems to me like an opportunity where my laptop's security was compromised.Since the installation I have had a number of security issues. I first noticed security warning balloons popping up on startup alerting me that either my firewall or my anti-virus software was in-active. I haven't installed any firewall and am relying on the xp security firewall at the moment. My laptop has anti-malware/spyware called "Spybot Search and Destroy". As previously mentioned my anti-virus is AVG Free edition. The firewall when checked would read turned off until the computer neared completion with regards to booting all backround programs, and the anti-virus and anti-malware programs would read the same, if they loaded at all. (Also, I'm not sure if this is relevant, sorry again, but the menu bar at the top of the AVG software flashes briefly when you hover over a button, briefly displaying a different menu panel beneath :S )As I try to keep my computer up to date for all programs, I check for windows updates regularly. For the first two weeks (prior to the avg installation issues) I didn't have an issue but more recently Windows update has repeatedly stopped responding once started and only after several attempts of closing the program and restarting it again will it workHaving read briefly about the most current virus threats (Win32/Sality.AM, containing similar symptoms) I decided to use the Windows Live OneCare safety scanner. It has detected a medium threat program: Win32/Power Reg Scheduler. This program has not appeared when I have run this scan before and nothing appeared on an AVG scan at all.The full details are as follows:Program: Win32/Power Reg Schedulerc:\Program files\installshield installation information\ {f31bc49f-ab7b-4a53-a399-eb7331b585bc}\data1.cabafter a failed attempt to remove it also stated:detected: (inshld#0004)\[rsrcemb] Any advice on how to remove the virus if it is indeed one would be helpful and most appreciated. I would use anti-virus software to remove it but the AVG software doesn't locate an issue and the Windows Live one care scanner fails to clean it. If it doesn't look to be a virus any other help with resolving the security issues would be helpful. Thanks for any help and I'm sorry about the length of this article. I would shorten it but I don't really know what is and isn't important.MrPanda1 person needs an answerI do too
November 7th, 2010 4:01pm

<https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Program%3aWin32%2fPowerRegScheduler&threatid=9940> Because you had one piece of malware, the chances are also high that you had others.It would be a good idea to scan.I recommend downloading and installing MalwareBytes' Antimalware (MBAM) and SUPERAntiSpywae (SAS).Do a FULL scan with MalwaeBytes' and SUPERAntiSpywae.<http://www.malwarebytes.org/mbam.php>Reboot<http://www.superantispyware.com/>RebootThe programs are free. The free version lacks the real-time protection (There is a paid version but you don't need to buy it to remove malware.) Following the instructions on this site should help you:<http://www.bleepingcomputer.com/virus-removal/remove-tdss-tdl3-alureon-rootkit-using-tdsskiller>
Free Windows Admin Tool Kit Click here and download it now
November 7th, 2010 5:16pm

I've downloaded all three of the softwares in the link's above but none of the programs found the Win32/PowerRegScheduler problem that the Windows Live One Care scanner highlighted. The only problems identified were tracking cookies by the SuperAnti-Spyware progam.Does this mean that the Win32/PowerRegScheduler program isn't a problem as non other program has highlighted it?I'm still having the same problems as before with security software and microsoft update. My laptop also seems to be running much slower, presumably because AVG backround processes use 4 times as much Virtual Memory as actual memory. Some AVG pocesses (avgcsrvx.exe and avgnsx.exe) use 40 times as much and 60 times as much virtual memory than actual memory, shown in windows task manger.Any advice about resolving these problems would again, be much appreciated.MrPanda
November 8th, 2010 2:58am

What happened is that when the install failed, it left "garbage" files that are trying to work, but cannot properly function. Those files are what caused the error you are having. My advice, is to first perform an un-install of the avg anti-virus (I say this because from what your first post said, you had a corrupted/faulty update from the old version (2010 I'm guessing)). After you un-install AVG AV, double check that all the avg files have been properly removed. After this, install AVG AV from the downloaded install. Here's a link to the avg homepage, they have the free download listed on the front page:http://free.avg.com/us-en/homepageHope this helps! If it doesn't, feel free to email me at:Email removed for privacyI'll do what I can to help you out.
Free Windows Admin Tool Kit Click here and download it now
December 11th, 2010 11:36am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics