I’ve been reading and following the generic advice I could find here and on a couple of other reputable forums I’ve long been fond of, but I’m ready to throw this computer out the window at this point! Being in a hurry and not thinking, I clicked a link in a business email because we actually were expecting a FedEx delivery (I attribute whatever is going on to this as it began within a few seconds of clicking the link), and long story short, I apparently got a virus. I say apparently because all initial scans showed nothing and Avast let it through with no warning. I keep all of my definitions up to date, but as I’ve been reading, this little worm or whatever it may be is pretty nifty, it seems, and can get by most scanners.
Anyway, I did the usual:
Safe mode
Malwarebytes (showed no threats on full scan with all options ticked)
Then attempted to schedule a boot scan with Avast thinking it would then catch anything hiding
I get an error that there is a software restriction policy not allowing Avast to run. I Google and come up with a suggestion to run RogueKill to kill any process or delete a registry key that would cause the issue. It found a couple of things and I allowed them to be deleted. I then tried again to run Avast and now get the error message about not being able to scan because there are no endpoints. I read some more and followed more advice and used the Avast uninstall tool - rebooted to safe mode, fresh install of latest Avast…and nothing. I’m still getting both errors, depending on how I try to run Avast (even tried a selective startup via msconfig with only windows services and Avast releted selected). I’ve Googled til my fingers are sore from typing and I’ve done everything (and then some) that I have ever used successfully in the past, to no avail. I downloaded the Farbar Recovery Scan Tool but I need help knowing what to add to be deleted. I used to use HiJackThis to find suspicious stuff when all else failed, but when I look at the results now, due to some extra stuff I run, I no longer know exactly what to get rid of. I’d be forever grateful if someone could help me get my system back in good running order.
Yay!!! Okay, so far at least, Avast is running and computer seems a little less quirky. I’ve only run a basic startup scan and it came back clear. Okay to go ahead and run an in-depth scan or should I complete something else prior?
You guys are awesome, by the way - I honestly didn’t expect help so quickly
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.
[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S0].txt as well.
Okay, I’m back. Ran Farbar again. Attached is new Fixlog, as well as most recent AdwCleaner log (I had already run it a few times in the last day or two before finally asking for help). Everything is running pretty smoothly now…except for the fact that anything I right click on attempts to install Acrobat 8! What???
I’m so sorry to just now be getting back to this, but I had a bit of an emergency that I had to handle over the weekend and into Monday and this is the first chance I’ve had to get back on here. I just came back to work this morning and checked the status of an in-depth full system scan I had let Avast run. It finally picked up the two .DLLs that I suspected and had renamed so I could find them if nothing else did. It also found the email attachment that started it all (from the bogus FedEx email). I had it move all three items to the chest and then set up a full boot scan and it came up clean. Everything is running great now. Incidentally, the right click thing is no longer happening since the bad files were quarantined. I had attempted to get the FixIt from Microsoft the other day when all this first started, but I could only find support for Vista and newer since XP is no longer being supported. Anyway, thank you so much for being patient and kind in your responses and with your time in walking me through fixing this
Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme
It is critical to have both a firewall and anti virus to protect your system and to keep them updated.
To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe
Everything seems to be back in good shape after running it since yesterday afternoon. I’ve got Avast updated (again) and set to auto update. I’ve used it and Malwarebytes for suspicious stuff for the past few years and found the combination to be quite awesome and not too terribly greedy with memory. Is the built-in Windows firewall still considered sufficient, or should I look at something else? As long as you don’t suggest something different, you can mark this issue closed, and again, thank you