XP repair problem

Discussion in 'Computer Security' started by ffreeloader, Jan 10, 2006.

  1. ffreeloader

    ffreeloader Terabyte Poster

    I had a really interesting XP problem today. A friend had a laptop with XP on it that quit accessing email. I had installed Ewido and AVG Pro on it a while back--six months ago--but he had never updated anything on it.

    I was getting an error from OE when attempting to connect to the mail server that said: ERR AVG POP3 Proxy Server: cannot connect to the mail server. I also couldn't open the Control Console for AVG. I would get an error that avgcc.exe couldn't be found, and I couldn't find it.

    I ran an ewido scan after updating definitions and it found a few tracking cookies but nothing else. I then ran a virus scan--strangely enough I could still do this--and found a couple of trojans and a virus. I cleaned that mess up, shut down the firewall, and ran an nmap scan against all 65535 TCP and UDP ports on the laptop. There were no suspicious ports open. However, I still couldn't open the AVG Control Console so I did a repair install of AVG. That fixed the Control Console problem but I still couldn't download any email.

    What I ended up finding was that the email scanner in AVG was set to use port 10110 for POP3 and 10025 for SMTP. I fixed those settings and away it went.

    Has anyone else run into this before? I've never seen port numbers changed like that before.
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  2. ffreeloader

    ffreeloader Terabyte Poster

    One more thing about this. The email was only a problem on one account on the computer. The others worked fine.
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  3. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    No Freddy, never seen that in my entire life :blink

    However, I have had issues with AVG 7 (the free one) in that it is very date conscious. If you are having any problems with the control centre, updates etc., check that the date on the system is correct.
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  4. michael78

    michael78 Terabyte Poster

    Nope, never come across this tbh. Seems a strange problem, possibly a bug in the software?
     
    Certifications: A+ | Network+ | Security+ | MCP | MCDST | MCTS: Hyper-V | MCTS: AD | MCTS: Exchange 2007 | MCTS: Windows 7 | MCSA: 2003 | ITIL Foundation v3 | CCA: Xenapp 5.0 | MCITP: Enterprise Desktop Administrator on Windows 7 | MCITP: Enterprise Desktop Support Technician on Windows 7
    WIP: Online SAN Overview, VCP in December 2011
  5. Boycie
    Honorary Member

    Boycie Senior Beer Tester

    Nor me. Strange Fred :blink
    Are you going to contact AVG?
     
    Certifications: MCSA 2003, MCDST, A+, N+, CTT+, MCT
  6. ffreeloader

    ffreeloader Terabyte Poster

    No. It's odd how the control center was deleted and 10,000 added to the POP3 and SMTP port numbers though. I know the owner didn't mess with it. He doesn't know enough about his computer to do it and it would be a pretty rare bug that would cause a piece of software to delete a part of itself.

    I also ran HijackThis and it came up clean. I checked every line that I didn't recognize and there was nothing suspicious. I almost suspect some type of rootkit but if that were true I'd find some suspicious ports open, or so I would think.

    It's a puzzler to me, that's for sure.
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  7. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    Freddy, I had a quick google for POP3 and port 10110 and came up with this...

    To be honest I can't quite understand what the guy is saying but it is very early :rolleyes:

    You might want to delve further because I think you may have bypassed AVG's email scanning system.

    The link is here...

    http://www.pcanswers.co.uk/tips/default.asp?pagetypeid=2&articleid=35762&subsectionid=616
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  8. ffreeloader

    ffreeloader Terabyte Poster

    Thanks, Bluerinse.

    I read the link, took a look at the computer in question again, and it doesn't apply to the Pro version of AVG. The Pro version has three configuration choices for the AVG email scanner plugin. It uses a setting called Auto Configuration by default. In that setting you use the normal port settings for POP3 and SMTP. All you need to do to use it is to configure AVG to scan incoming and outgoing email and configure the email client as you would normally.

    You can set it up the way the link you provided shows, but there's no need to do that as the auto configuration setting works fine and AVG reports that the email scanner is configured and working properly.

    How the port settings were changed so that the user couldn't download email is still a mystery. The only thing I can think of is that the person from the ISP who set up the email client made the changes, as this all started when the guy changed ISPs.
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
