23 replies to this topic

[poemmuse]

Hi. I posted this about an hour ago in the wrong place, over in software.... so i'm reposting it here, probably where it does belong. Hi. I have avast anitvirus and ran a complete scan not 12 hours before I got a message from Microsoft that I had a virus...didn't get any message from Avast..... and immediately I got a pop up screen from HDDoctor.... and of course their scan couldn't be completed unless I decided to buy more protection. I think this is a scam or a part of a virus that AVast couldn't detect. I have both Zone Alarm and Avast running and uptodate, my adaware for some reason is not working and neither is my erunt program. I hesitate giving any pop up screen my information or my credit card information, is this truly an authorized site from Microsoft because it won't even let my computer turn on, it keeps saying I have a fatal error , shuts down my computer and automatically restarts it, and does that whole HDDoctor scan again, when I don't buy the program that will fix it, i just get another fatal error message and we start the shut down/restart all over again...... oh, this is my laptop we are talking about...a lenovo I bought in May of this year, now i can't access anything, internet explorer won't work, i can't get online. I am on my other regular computer with this question so don't know how to proceed if I can't even get online with the other computer. thanks the new lenovo i think has a different version of windows than this older computer i am using. This all started up using a game I had purchased this past summer, from big fish games, bricks of atlantis... the day of this virus or the day before, I couldn't play the game anymore, but my bricks of egypt was still working...then I got a message, like I said, that I had a virus, a win.32 something I think it said...and then I got this screen pop up that said: HDD Doctor detected an error on your hard drive when trying to access a file C:/Program Files/Adobe/Reader 9.0/reader-sl.exe Perform data recovery now? --- so of course I hit yes.... the this screen pops up HDDDoctor, and it is performing a scan, with red, blue and green areas, of course there are alot of red areas at are supposedly unreadable and can't be opened- low level access required. then another screen pops up after the scan is completed: Confirmation - your hard drive has alot of critical errors. All your data including installed programs, documents, email etc are at risk of irreversible corruption. The trial version does not have the low level access module needed to fix the errors found. It is strongly recommended to activate the full verson software with necessary modules. Activate full version now? and you hit yes, and get another screen...NOT directed to any website, but it supposedly looks like a website, it says https//software foundation.org/hdddoctor/register, but non of this seems legit, it isn't in the usual format I am used to seeing when dealing with computer problems, not the same kind of screens at all, no numbers or codes used. And of course it is an outrageous sum....$69.95 for one year, $79.95 for two years or 89.95 for lifetime and 9.95 for 24/7 support at 9.95 or 99.90 with lifetime support. none of this looks real..... I am on my regular desktop computer because I can't use the other one for ANYTHING, ACCESS ANYTHING.......... but using this computer, I can't find anything that is softwarefoundation.org, there is a PUBLIC software foundation.org after you refuse to buy the program, it then goes into an automatic reboot, shuts down the message box says Windows cannot continue operating due to a fatal system error or serious system error.... and it will shut down, then start up again and go through the whole thing over and over and over..... I don't know how to fix my laptop if I can't even access explorer, get on a website. Should I go out and buy one of those little sticks you stick in the side, i forget what they call them, well, will that work because my desk top computer does have a slot on the tower for one of those things, can I transfer the info somehow from that stick and get it on here that way? I think I do have Hijack this installed on that computer.

[LDTate]

That's one of those Fake anti-malware programs that hijacks your computer.

What Windows version are you using with the laptop?

[poemmuse]

um, that laptop has vista...... this older desk top computer has xp...... i was wrong, i didn't install hijack this on the laptop, only had it on this old computer....came here once before long time ago.... but when I got the laptop in May, I remembered to put on the Zone Alarm and I actually bought a year of Avast protection for the laptop..... jeesh, didn't work so good did it? oh well, probably nothing can be done, if you can't even get it to boot up, the virus has my system and I can't go anywhere on the internet..... but i can still play spider solitaire, lol. what else could a girl want? hopefully my zone alarm and avast here will keep this protected. I don't know what else to do..... I did have an attack from malicious sypware, but my malbytes caught it here on this old computer, why doesn't the Avast and Zone Alarm seem to work on either computer? Like I said, I ran a scan not 12 hours before I got that worm notice, my protection was uptodate and current.

[LDTate]

You could try System Restore. 1. Click Start. 2. Point to All Programs. 3. Point to Accessories. 4. Point to System Tools. 5. Click System Restore. 6. Follow the instructions on the wizard. See if you can find a date the the PC worked.

[poemmuse]

who knew? where is the book to buy that tells you there are things like this on your computer? LOL...ok, I went to where you said, but as soon as I hit system restore I got a message that said: The application has failed to start because it's side by side configuration is incorrect. Please see application event log ( hello? HUH?) or use the command line sxstrace.exe tool for more detail. yeah, right, like I can find a command line sxstrace. exe tool. where the heck is that???? LOL ok...... then I see a cute little icon on my desktop, never even knew it was there.... IT SAYS, are you ready? can you believe it??? ONE KEY RECOVERY!!!!! Well, I like that word RECOVERY ...so I click on that, who knew???? I had three options, well, it looked like three buttons with 3 options... system backup, system recovery and one key recovery....but the only button that worked was system backup.....and when I clicked on that, at least I got online...but nothing happened, at least I couldn't tell if anything happened....so I decided to go to google, malware bytes, get that program on the laptop.....got there, tried downloading the free program...and got the exact same message, the application failed to start because side by side configuration is incorrect. ok.... what next??????? oh i am dreading this. i hate clicking and going places I have never gone before, this darn 'puter is so intimidating and can do things on it's own, and it's smarter than me and that alone scares the living bejeezus outta me.

[LDTate]

http://forum.avast.c...p?topic=55888.0
Post #13

I had the problem on the Vista machine here and it was caused by the Avast! installer not correctly installing the C++2008 files. The only thing that fixed it was to first completely uninstall Avast!. Use the removal tool afterwards to be sure all of it is gone. Then download the C++ 2008 redistributable from the Microsoft site and install it. Then you can install Avast! and everything should be fine.
Remember to then run Windows update to get the latest patches to the C++ package.

[poemmuse]

okay, but you do realize you are talking to a 63 year old woman who read the above and said, "holy cow, that is greek to me"..... oh well, thanks for trying, but i seriously doubt i can figure any of that out. thank you for your time .... happy holidays and much peace and happiness for your new year.

[LDTate]

I agree. It doesn't look easy to me either.
This area of the forums is for virus/malware issues.

I suggest you start a new topic in our Windows forum and work with our Tech Team.
http://forums.whatth...p?showforum=119

[poemmuse]

well that's just it.....what does a c++ redistributable have to do with trojan, or a virus, or a worm, which I obviously have? This c++ thing isn't going to get rid of the virus or the worm or the trojan I have on my laptop. Plus, I BOUGHT that darn Avast program. How do I just download it again? All that information is gone, I bought the antivirus program back in May, will Avast have a record of it? So, I do this thing , this C++ thing, and it is tied into my Avast program....so supposing I can get my avast software reinstated through Avast? So what I am assuming you are saying is after I delete the old Avast, get the new avast, download this c++ thing, then supposedly the Avast will work properly and be able to deal with this trojan or worm or virus I have? I mean, this is truly how dumb I am and I"m just trying to figure out the steps, how they work and what to expect if I can get it all done and done right.

[LDTate]

Yes you had / have a nasty infection.

I can give you tools to run if you can get the tools to the infected computer.

From the working computer, download the tools to a USB device like a thumb drive.
After you have it on the thumb drive, plug the thumb drive into the infected computer, copy the tools to the infected computer and run the tools.


Please don't attach the scan results, use Copy/Paste

Download the tools needed to a flash drive or other USB device, and transfer them to the infected computer.

If the tool won't run from the desktop, try running it from the USB device.


Vista and Windows 7 users:
1. These tools MUST be run from the executable. (.exe) every time you run them
2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.



Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2

• Ensure all Firefox windows are closed.
• To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
• When prompted to run the scan, click Yes.
• It doesn't take long to run, once it is finished move onto the next step

Next:

Note: if the Cure option is not there, please select 'Skip'.
Please read carefully and follow these steps.

• Download TDSSKiller and save it to your Desktop.
• Extract its contents to your desktop.
• Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  
  
  
  
  
• If an infected file is detected, the default action will be Cure, click on Continue.
  
  
  
  
  
• If a suspicious file is detected, the default action will be Skip, click on Continue.
  
  
  
  
  
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  
  
  
  
  
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

please post the contents of that log TDSSKiller log.


Also please describe how your computer behaves at the moment.

[poemmuse]

hey there LDT, okay, hitting the ONE KEY RECOVERY icon on my desktop must have helped because I can now get on line, only glitch seems to be a cursor that constantly is the the circling mode, lol, whatever that's all about, but I still can type and get to places on the web. I'm gonna try to do all that stuff you suggested now. I'm not messing with that microsoft c++ thing right now, hope that is ok, i'll save that terrifying ordeal for another day. Ok, i'll get started and get back to you

[poemmuse]

oh well, live and learn, that won't either, getting that same c++ configuration problem...so i guess I have to figure this whole thing out venture to that other solar system where dragon computers rule the world and dummies like me are chained to a rock and eaten at will, if I survive i shall return.

[LDTate]

[poemmuse]

ok.... we had a blizzard here and i lost power now am back online can't do any of the suggested things with the two downloads you wanted me to do.... they will not go into scan mode , I can't get them to run maybe with that goode thing, i don't know how to run as administrator, have right clicked on it but nothing happens i am pretty stupid

[LDTate]

See if you can do this:

• Download OTL to your desktop.
• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• When the window appears, underneath Output at the top change it to Minimal Output.
• Check the boxes beside LOP Check and Purity Check.
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
  Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.