Strange behavior

Hello everyone, this is my first post. I have a fairly new HP laptop running Vista.

I had AVG installed (paid version) but it would not update, and the laptop began running slower and slower. In addition, when online, if you clicked a web site in Google, the PC would jump to a totally different site; other strange things were also happening. Windows also failed to update, roughly from the time I installed AVG.

I took off AVG last night and installed Avast. Installation went OK, and it also updated OK. It went to a “DOS” type screen and started to virus check. I did not have the time to wait and cancelled the test. I then checked the Icon on the desktop, to see what was in the programme.

I started a virus check from the desktop, and was informed that a virus had been found in my memory? and avast needed to carry out a full scan.

This I agreed to, and it went back to the “DOS” screen again. I retired to bed, as the scan was taking ages. Next morning the computer was dead, but the blue lights along the back by the on switch were still lit. I pressed the on button, and up came a screen saying the computer was unable to start, and needed to recover to an earlier date, which I did, but Avast had disappeared; all other programmes and data were intact.

Has anyone out there any suggestions as to what I should do? I am considering buying a copy of Vista and re-installing from the start.

Regards

silvo

:slight_smile: Hi :

IF possible, I recommend you try to install 1 or 2 antiSPYWARE/antiTROJAN
program(s), namely : 1) the FREE Version of “SUPERAntiSpyware” from
www.superantispyware.com ; 2) the “FREE” Version of MalwareBytes’
Anti-Malware from www.malwarebytes.org/mbam.php . I would run them in an
attempt to “remove” what is causing problems !?

I assume the unwanted AVG is back on your computer ?

Hm, I’m not sure what happened, but it probably looks like your PC has been hijacked (i.e. explains why your browser page redirects).

Now I don’t know why you would uninstall AVG Paid (since you pay good money for it), but what do you mean you’ve been restored to an earlier date?

When you say earlier date, I assume last good configuration or system restore. If that’s the case, you most likely still have the virus on your system.

Since we don’t know what exactly is wrong, I suggest running HiJackThis, saving the log file, and posting it on the forums. I dunno how to read the logs myself, so I hope that other forum members will help you :slight_smile: .

Get HiJackThis (latest version) here: http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download . To make it easier for you, download the executable and run it (so it doesn’t need to install anything).

Post your logfile here for people to analyze it. Also, try using these sites http://www.hijackthis.de/ + http://hjt.networktechs.com/ for a self check (NOTE: use this as a second opinion, people’s analysis is always better).

Good luck, and post back.

Happy-Dude and Spiritsongs.

Thanks for the quick response, always good to know there is someone out there, still with a kind thought and help to others.

Will take your advice and report back a.s.a.p.

Silvo

Surely your computer has a recovery partition, buying another copy of Vista will be very expensive. Was your AVG ‘paid’ a crack copy??

Happy Dude, I am in my sixties and not that good with software, so I was not quite sure, without bothering you more, exactly how to carry out your directions, thank you so much for responding anyway.

However I could follow what Spiritsongs said and I tried Superantispy first, but it would not stay on the download site long enough to download!!

So I went for Malwarebytes first, and it found 31 Trojans, (now quarantined) and following a reboot, for the first time in several months, I did not get a “ding” on boot up, and a window saying there was a missing DLL file in windows, brilliant!!

I then downloaded superantispy, and that found 12 tracking cookies, and following another reboot, Vista updated for the first time in 6 months!!! (36MB of data!) I have my old laptop back!!

My main problem now is-

  1. Do I resort to AVG again, I was never happy with it, and why would it never update, or indeed pick up the Trojans?

  2. I am tempted to download Avast again, but why did it lock up my PC?

Thanks again for your help, Micky77, thanks also to you, but I am not quite sure I could carry out a reinstatement using the partition. The AVG was a genuine paid-for version, but I had all sorts of problems, and their response time to problems was sometimes in excess of a week!

Thanks again

Silvo

Maybe the infections on your computer were interfering with Avg, Avast and your Windows updates. Did you contact Avg (is that what you meant about slow response)? http://www.avg.co.uk/ww.support-technical-form-direct?ver=8
I would still try to post a HijackThis log for one of the experienced helpers to view. If you use the link given by Happydude, download ‘HijackThis’. When you have installed HT, open the program and choose ‘do a system scan and save a log file’. When the scan is finished, it should show the results in Notepad, which will appear on the screen; right click and choose ‘select all’, then right click and choose ‘copy’. When you are logged onto the forum, start a reply, then right click and choose ‘paste’. Your log should then appear in your reply.
Regards recovering your PC to its factory settings, I have never done this, but here is a link
http://h10025.www1.hp.com/ewfrf/wc/document?lc=en&cc=uk&docname=c00809678&dlc=en

silvo, please skim through this page: http://www.bleepingcomputer.com/tutorials/tutorial42.html and use HiJackThis. Even though your computer seems clean, it might not be (there can still be stuff left behind after a delete).

Most important things you need to do (follow the screenshots from http://www.bleepingcomputer.com/tutorials/tutorial42.html ):

-Download the .exe file (unzip from the zip folder).
-Start up HiJackThis, and click “Do a system scan and save a logfile”
NOTE: That logfile is what we need. Post the file here with copy and paste or attach it to your post.
-After, click “Config…” to your right and then click Misc Tools at your top right.
-Click on “Generate StartupList log” WITH both checkboxes marked.
-Post that file too.

Hope we can help you. Post back ASAP !!

:slight_smile: Hi Silvo :

I am in my 60’s, so there is “Hope” for our Generation . As to an antiVIRUS
program, I recommend you COMPLETELY REMOVE AVG, even going to the
extent of following the “Guidelines” at www.pchell.com/virus/uninstallavg.shtml .
Then with all those Trojans “quarantined” by the MalwareBytes program,
Avast should properly install and function .
To see IF any other “malware” might still be on your computer, I recommend
you go back to the malwarebytes Site and ask in THEIR Support Forums that
are staffed by experienced, trained, CERTIFIED, Volunteer “Malware-Fighters”
and have them look at the “Log” of THEIR program to see IF they can spot
any potential “Trouble Makers” that MAY need further Help in “removing” !?
You would Start by “Registering” there, then going to
http://www.malwarebytes.org/forums/index.php?s=3386965994a741fa7cb6dbe95fb81577&showforum=7 .

Happy Dude,

Tried, ran the programme, exactly as requested, got the log files, pasted to a reply post, up came too many characters to post reply. I removed the second file I had pasted, and still too many characters.

Not sure what to do now?

Silvo

You use copy and paste to break it into two or more posts so it will fit or you can attach the file.

I second what David said.

So, split the file(s) into different parts that you can post.

Best idea would be to ATTACH the file onto your post.

To attach a file:
-Alright, hit “post reply” on the forum.
-Now, you see the basic reply page, with the white text box for your reply.
-Under that, you see “ADDITIONAL OPTIONS”. Hit the “+” sign please.
-And there we go, a way to attach files.

And that’s how HiJackThis experts on this forum would be able to tell you what’s up (or what’s left) with your system. They are able to tell you what seems off, what is malware, and what to delete.

Good luck :slight_smile: !!

Happy Dude,

herewith attached files…I HOPE!!!

Silvo

Happy Dude

No. 2 file.

Thanks

Silvo

Alright, here is my (amateur) opinion after using the sites: http://www.hijackthis.de/#anl + http://hjt.networktechs.com/parse.php to check your logfile (I didn’t check your startuplist). NOTE: Please use these two sites and paste your logfile there to see if there is anything you may not be familiar with.

Yes, you do have remnants of malware on your system.

Delete, or ask about, these entries with HiJackThis (the program has a delete entry option; use it). DO NOT do it now, wait for a second opinion. I am not a HiJackThis expert.

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
File Missing
When a file is missing, you should always have HijackThis fix the item.

O2 - BHO: cpmsky browser optimizer - {d43f8f01-1d81-fed6-25ef-3abd807d07c6} - C:\Windows\system32{b4b62942-d91e-d09f-b2dc-1fe7fd3091d9}.dll (file missing)
File Missing
When a file is missing, you should always have HijackThis fix the item.

O2 - BHO: MySidesearch Search Assistant - {DDFA1356-E6ED-42a5-9D62-93211D424A90} - C:\Windows\system32\mysidesearch_sidebar.dll (file missing)
File Missing
When a file is missing, you should always have HijackThis fix the item.

O4 - HKLM..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
Launcher
Spyware component related to DownloadWare and found in Program FilesKFH

O4 - HKUS\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERVICE’)
Sidebar
“Searchcentrix hijacker”

O4 - HKUS\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETWORK SERVICE’)
Sidebar
“Searchcentrix hijacker”

O13 - Gopher Prefix:
IE DefaultPrefix hijack
This is always bad.

O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
File Missing
When a file is missing, you should always have HijackThis fix the item.
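
As an added example (not part of any post in this thread, and not HijackThis's own code): a small parser for the log line format quoted above that groups the entries marked "(file missing)" by section code, so they can be shown to a helper for review. The sample lines are copied from the entries quoted above; the field names are this example's own.

```python
import re
from collections import defaultdict

# Lines copied from the log entries quoted in this thread (spacing as posted).
SAMPLE_LOG = r"""
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: MySidesearch Search Assistant - {DDFA1356-E6ED-42a5-9D62-93211D424A90} - C:\Windows\system32\mysidesearch_sidebar.dll (file missing)
O4 - HKLM..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O13 - Gopher Prefix:
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
"""

# An entry line starts with a section code such as O2, O4, O23, R1 or F2.
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
MISSING = "(file missing)"

def parse_log(text):
    """Return one dict per entry line; header and process-list lines are skipped."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if not m:
            continue
        body = m.group("body")
        clsid = CLSID.search(body)
        entries.append({
            "code": m.group("code"),
            "kind": body.split(":", 1)[0].strip() if ":" in body else "",
            "clsid": clsid.group(0).upper() if clsid else None,
            "file_missing": body.lower().endswith(MISSING),
            "line": line,
        })
    return entries

def orphaned_by_section(entries):
    """Group entries whose target file no longer exists by section code."""
    grouped = defaultdict(list)
    for e in entries:
        if e["file_missing"]:
            grouped[e["code"]].append(e)
    return dict(grouped)

if __name__ == "__main__":
    for code, items in sorted(orphaned_by_section(parse_log(SAMPLE_LOG)).items()):
        print(code, len(items), "entries point at a file that no longer exists")
        for e in items:
            print("   ", e["line"])
```
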

I think that the hjt.networktechs.com one is somewhat flawed as it states that your HJT version is out of date and reports version 1.91.1 as the latest version which to me shows it hasn’t been updated in a long time.

It also reported something that should be removed when it wasn’t coolwebsearch that it reported, so to me you have to take what it says with a large pinch of salt and you have got to know for sure if it is bad. Something you need to have some system knowledge or you could cause some damage. The hijackthis.de doesn’t flag the same entry.

There are also a lot of Purple entries (Bad if you don’t know them) for applications, services, etc. that have been around for ages which it really should recognise. The same is true of Black entries, Unknown, you should investigate these. Again this to me shows a lack of development, not a site that I would recommend.

Further to my last post, and the brilliant help from members of this forum-

I downloaded Avast again last night, and ran it this morning. It found several viruses again on the search which were quarantined, but the scan went without problems this time, and I am very happy with the results. Following a few more scans, I will probably update to the paid version.

I certainly would not recommend AVG to anyone now.

Silvo

Thanks for the feedback, glad that it is now resolved.