Kitz Forum
Computer Software => Security => Topic started by: chrissie on June 06, 2011, 10:48:53 AM
-
Hi,
Wanted to ask about AVG 2011 (bought version) which for me will expire in 20 days and I intend to renew but in about a week... There's a huge box that comes up on screen to tell me that it is about to expire giving how many days. Well that's fine but I cannot close the box down, it seems to get rid of it you HAVE to renew it which I'm annoyed about because that to me is aggressive selling (even if one IS going to renew the subscription).
When I try to close the box even with task manager, a notice comes up saying, "program cannot be closed as it's locked by the system". I am furious about this because nothing should take over the system whereby you cannot close it down IMO - well nothing legit...I know malware etc does. So if I can't close it by clicking the X or clicking on the task bar or pulling up the task manager and pressing end now...how, other than shut my computer down (which I've had to do) can I get rid of it please?
Am running Win XP home edition in case you need to know.
Chrissie
-
I don't the answer, but it does appear very bad of AVG to foist such an obtrusive nag screen on to your PC.
As a "paid up" AVG user, you are entitled to technical support from that company. It may be worth while going to their tech. support page, asking the question and seeing what they say.....................http://www.avg.com/us-en/customer-support
-
I don't the answer, but it does appear very bad of AVG to foist such an obtrusive nag screen on to your PC.
As a "paid up" AVG user, you are entitled to technical support from that company. It may be worth while going to their tech. support page, asking the question and seeing what they say.....................http://www.avg.com/us-en/customer-support
Hi TD
Thanks for looking in on this. I totally agree with you about this being obtrusive seeing that I cannot take the damned thing off without shutting my PC down. I have been in touch with AVG support and they want a screenshot of the offending item, however, it doesn't come up every day so am waiting for it next time I boot the PC up and see if I can do that to send. Don't want to leave it too late though as time is counting down to it running out but I don't feel like renewing subs whilst this notice is lurking...just in case the ruddy thing decides to do a wobbly on or after my renewal. I'll see how it goes and let you know.
Chrissie
-
>> just in case the ruddy thing decides to do a wobbly on or after my renewal. <<
And just in case it is not genuine. ;)
-
>> just in case the ruddy thing decides to do a wobbly on or after my renewal. <<
And just in case it is not genuine. ;)
Yes I know TD....had thought of it but didn't like to dwell on it especially as you can't just switch it off. Should I do a Trend House call on my PC as I've only done AV scans on this? Wish I had a techy neighbour who could do it for me...I'm a technophobe as you know (read...scaredy cat lol).
-
>> just in case the ruddy thing decides to do a wobbly on or after my renewal. <<
And just in case it is not genuine. ;)
Yes I know TD....had thought of it but didn't like to dwell on it especially as you can't just switch it off. Should I do a Trend House call on my PC as I've only done AV scans on this? Wish I had a techy neighbour who could do it for me...I'm a technophobe as you know (read...scaredy cat lol).
Trend HouseCall is an on demand scanner so running it won't conflict with any other AV software you have running
-
Hi
Sorry this is a long post, but I emailed AVG asking if the renewal box that I could not get rid of without shutting the computer down was a virus/trojan/scam et al that they knew about. I rec'd the following email and the relevant things I've left in black font. What I'd like to know is, should I follow all their instructions (my AVG runs out in 15 days or so).
As for their suggestion to download "the attached "avgproci.zip" archive it wasn't attached or I couldn't see it. I haven't a clue how to do what they ask to send the analysis so if someone could explain that to me in idiot proof terms I'd be very much
obliged. I had a feeling the problem with the box coming up was something sinister...now I think it was...sigh. Any help over this would be so appreciated as always from you brill peeps in here. I hope I've not made this too complicated....the following is the email I rec'd. Apologies in advance for being a nuisance :-[
---------------------------------
"Thank you for your e-mail.
Always update your AVG program so that it can protect your computer from the new viruses that are being created everyday, what had happen to you could be a caused of a rogue virus who can adopt the program files of the anti virus that you have and give you pop-ups or notices such as the one you encountered. Please follow the streps below
Fake/rogue application is a program that tries to look like a regular antivirus/security application but in fact it is not a product of any real antivirus/security company. Such application only simulates false threats on your computer and forces you to buy the full version of itself. Unfortunately you will just pay the money however you will not get any valuable service. The infections by fake/rogue applications can have many symptoms:
- Slowdown of a computer.
- False positives on important system files.
- Displaying of unwanted popup windows.
- Downloading of other viruses and trojans to your computer.
To solve this issue we would like to request some additional information. Please follow these steps and answer the questions below. By completing all steps and answering all the questions, you will speed up the process of finding the cause of the issue.
A) Please make sure that you apply all the available patches for your Microsoft Windows operating system. This step is extremely important as viruses can exploit security holes in outdated operating systems. To do this you, may follow the steps provided in the link below: (I left link off here)
B) It is crucial for the AVG software to be updated regularly to maintain reliability and the highest level of protection. To update AVG:
1. Open AVG.
2. Click "Update now" on the left panel.
C) Enabling the "Scan files on close" feature in AVG Resident Shield increases system protection. To enable this feature:
1. Open the AVG Program.
2. On the Tools menu, click Advanced settings.
3. On the left tree menu, click Resident Shield.
4. Select the "Scan files on close" check box, and then click OK.
D) Run the "Scan whole computer" test.
1. Open AVG
2. Click the Computer scanner on the left panel.
3. Click the Scan whole computer.
E) We would like to request an output of the Autoruns application for analysis. To send this information:
1. Save the "avgproci.zip" archive attached to this e-mail to your hard drive.
2. Extract all files from this archive to a newly created folder.
3. Run "avgproci.bat."
4. Send us the file named "result.7z" created in the same folder, for analysis.
F) To send us the previously mentioned files and information using the AVG Diagnostics utility:
1. Save the "runner.avgdx" file attached to this e-mail to your Desktop.
2. Double-click the file, the AVG Diagnostics tool will start automatically.
3. Type your e-mail address, a detailed issue description (As a description please enter "fake/rogue application" or something similar), and the answers to the following questions into the appropriate areas:
a. Is the virus detected by the "Scan whole computer" test?
b. Is the virus detected only by AVG Resident Shield?
c. Is it possible to Delete, Heal or Move to Vault this infected file?
d. Is the virus detected repeatedly? Is it the same file?
e. When is the infected file detected? After restarting the computer or after connecting to the Internet?
4. Click Attach file and add the previously generated "result.7z" file, created in procedure E.
5. Click "Diagnose and send results.
After completing these steps you can delete the tool from the folder where it is located (C:\AVGTemp\avgproci_en by default).
We will analyze this data and contact you with further instructions. Thank you for your cooperation.
Best regards, "
-
Chrissie, did you manage to run a Trend Micro on-line scan.........if so, did it come up clean?
I would certainly contact AVG again and request a further sending of that missing ZIP file, and then run through the process as outlined.
In the meantime, I would also go here http://www.filehippo.com/download_hijackthis/ , and download the little utility hijackthis. Run that program ( no need to instal, it runs from it's .exe ) . When it has finished it's scan, it will produce a log of the scan results.
Save that log....and then post it.
Where to post it ? These logs are complex and need a specialist analyst....and I suggest that you post same in the hijackthis log section at WebUser ( http://forum.webuser.co.uk/ ) where there are three trained specialists in this field................post the log with a brief outline of your problem. (If you are not a member there, post the log here and I can copy and paste it into WEbUser for you )
After that, you will be asked to follow a procedure which will vary as to what is found in that log.
-
Chrissie, did you manage to run a Trend Micro on-line scan.........if so, did it come up clean?
Either run Trend Housecall or download the free version of Malwarebytes from Filehippo(this is a very safe site for downloads).Let it do a scan and see if it brings anything up.
I have Malwarebytes on my desk top and do a quick scan weekly,it takes roughly 20 minutes.A full scan will take longer.
It is very good and very handy to have installed as additional protection.It doesn't conflict with any other AV software you have running as it is an on demand scanner,where as your AVG software runs in real time.
Download it from here
http://www.filehippo.com/download_malwarebytes_anti_malware/
-
As suggested by unkyUb, malwarebytes is an extremely good program which should be on all PCs running Windows.
The scan is quick, effective and reliable........anything it finds can be safely zapped without adverse effect on the OS.
However, before or in addition to running that check, I still advise the hijackthis route......for a simple reason.
You may have an infection........but if you do, it is evident from their reaction to your query that AVG, a reputable security program, does not recognise it and it possible that other security progs. are equally unaware of it.
It may well be something new.
The hijackthis log may well just throw up the answer which can be passed to the anti-malware programmers for inclusion in later updates, hence the need for specialist reviews of the logs.
-
Hi again Uncy and TD.
No I haven't done any other scans yet as I was dealing with AVG Techies by mail as you can see but I do want to do them. This morning the "rogue" box telling me to renew came up again, it wouldn't let me do a screen shot so I got the camera out and took photos of it and though not brilliant they should be able to look-see and hopefully (fingers X'd) tell me summat about it. Silently tearing my hair out here because as you good folk know...I'm computer illiterate and a scaredy cat when it comes to mucking about my pooter...scream.
I'm going to send the photos to AVG in a mo, took one of the box as it comes up...one with the other box in front of it which reads, "program cannot be closed as it's locked by the system" and one of the interface of my AVG which has two progs on it which say activate now, they are called Family Security and LiveKive. Have googled them and they say to do with AVG security but I'm still not sure that they are legit.
Thank you again for your continuing support and advice, it's appreciated more than you know.
BBL.
Chrissie
PS....if TD or Uncy would like me to email these photo shots to them, please let me know.
-
PS....if TD or Uncy would like me to email these photo shots to them, please let me know.
I myself have no knowledge of AVG,so I don't think they would mean much to me. :-[
But I would still go down the downloading and running Malwarebytes just to give you peace of mind that nothing nasty has got onto your computer.
As TD has stated,it should be installed on every windows pc.Its easy to install and easy to use,believe me,If I can use it anyone can ;D
-
Hi again (bad penny moi ;D )
I sent the pics to AVG though they didn't mention them when they replied. Instead they asked me to provide an output of the Autoruns application for analysis. Want me to download the AVG service Utility from the link they have given me, install it (sigh) and follow the instructions from the readme file.
All this beyond me and over my head but I will try and do it....if you hear from screaming, the air turning blue and see an old duffer running around tearing her hair out you will know it's me :lol:
Chrissie
-
Good luck... :fingers:
TD is going for a wee snooze now, so could you scream quietly please.. :D
-
Well I hope I didn't wake you with my screaming TD lol. I did what AVG techies asked and downloaded the files to their instructions but as usual, they don't give you instructions for when something doesn't go as planned. When I went to run the .bat file they said to do it came up that it didn't download (scream), tried it again but same message....sigh. So I'm up the creek and the PC is counting down to when I'm without an antivirus and as the rogue box came up again yesterday...looks like it's still going to tee me off.
I wrote and explained all the goings on to AVG (they want information of autoruns or summat and for me to send the file when it's done)...anyway as I couldn't do anything I wrote and I haven't heard from them again, they usually respond pdq since they found out about this. As I'm a born again pessimist I'm wondering if they are going to leave me high and dry now...sob. Will wait and see if they reply today. :'(
Chrissie
-
Tbh I would be inclined to say stuff em and get another AV package.Avast gets very good reviews and I know members on here use it(TD irrc) and rate it highly.
I myself have used McAfee for 4 years and never had cause to complain.I have the paid for Internet security 2011 package.IT originally came free for 3 years with my Dell computer and have renewed the subscription for another year.
-
I would think that it would be of great interest to Grisoft, who distribute AVG, to gather all the information they can on what sounds a nasty virus. It is an attack on their software and it is bringing them into disrepute.
Chrissie, they may know how to deal with the virus if you can give them the information they need. I know how smart a lady you are when you bite the bullet. :)
The .bat file they sent you I assume needs access to the Internet to operate. It could be that this virus is preventing the access to the AVG servers.
I feel your best course of action is to follow TD's advice about having the machine scanned. My reasoning is that if you kiss avg goodbye you will still be left with the virus. If the website suggested by TD can clean the PC then maybe you can make some progress.
I have ear defenders on and I can still hear the screaming. ??? :lol:
-
WE can only advise but as stated on previous posts....Scan with either Trend Housecall/and/or Malwarebytes and see if there is anything amiss.
I think this should be the first course of action irrespective of sending screen shots/logs to AVG.
Scream all you want Chrissie............I'm deaf :D
-
Hi you dear patient people
Thanks for bearing with me. State of play so far….
The autoruns biz…..when I tried to do the scan thingy it kept coming up with “the autorunsc.exe file is missing and I kept trying to download again but it wouldn’t so it was a no go. I emailed AVG yesterday but no reply.
Today I looked in the AVG firewall settings and one of the “allow all” list was AVGINSTALLEDAPPX.EXE (written like that). I googled it and no information so I sent another email to AVG today to ask them to tell me what that was but they still haven’t got back to me so I am NOT pleased.
Then…(wake up please)…..this afternoon I did two more Housecall scans (the recommended version) and nowt found. So I took the bull by the horns and did the Housecall full scan….2½ hours!! It threw up 17 AGENT AVGI.EXE Trojans and one “suspicious” file. I got it to fix the Trojans but it wouldn’t fix the generic suspicious file which is: YSIGNU~1.EXE TROJ GEN.R23C3L3 so I’ve been left with that and cannot find it in any database et al.
So….(keep up please hehe)….I rang their free phone number helpline (AVG) she couldn’t help me but said maybe the autoruns wouldn’t work because of the Trojans. She has sent me ANOTHER tool thingy to enable data to be sent to them and instructions about extracting other info from my computer.
This is all too much for my weary old and technophobic brain so will leave it until tomorrow but I think it may well have put me off completely…and will have to pay out to have someone rectify things and uninstall and install a new AV.
I have removed the files they told me to download EXCEPT I cannot find where it’s located in the C files..seems there were two that were downloaded. Can anyone please tell me how I can find C:\Documents and Settings\Owner\recent because although I’ve tried I cannot get to delete this file.
:comp:
Thank you once again for any help you can put my way I appreciate it that’s for sure.
-
>>> Can anyone please tell me how I can find C:\Documents and Settings\Owner\recent <<<
The file is probably hidden. When you get to c:\documents and settings\owner .......go to the tool bar at the top of the page..click on "tools", when that opens click on "folder options" and when that opens click on "view" then scroll about one third of the way down the list of options until you get to "Hidden Files and Folders" and there move the tick mark from "Do not show hidden files and folders" to "show hidden fils and folders" .......then click apply and ok.
Do the same in c:\docs and settings\administartor and/or any other user accounts you may have.
When you have completed your search, go back through the same route and re-hide them.
AVGINSTALLEDAPPX.EXE does not throw up any results in Google, nor does YSIGNU~1.EXE TROJ GEN.R23C3L3 ..........that all implies that the infection is new and unknown to the anti malware companies, which is why I suggested a hijackthis log creation.
Let us know if you find these files.........and keep smiling. One of these days you will look back on this and have a laugh.. ;)
-
If I may add to TD's post.
Before you hide the files again, particularly the suspicious ones, rename them. All you need do is add '~' (the tilde not the quote marks) to the end of the file name. That should stop them running. Don't delete them as they may re-appear.
As I said in my previous post the viruses may be preventing you from cleansing your system.
-
Tbh all this is a bit over my head,but I do know one thing......I wouldn't be renewing my AVG subscription.Seems very poor support for a full paid subscription
-
Thaks again guys. I can't spend too much time on this today as I'm out soon :( However just a couple of things. I found the avgproci_runner_en file and autorunsc when I did the hidden files thing (thanks TD) and deleted them though they didn't go into the recycle bin, don't know if they do like that... did a search of them after and didn't come up.
I looked on the AVG firewall config and the AVGINSTALLEDAPPX.EXE is still there with "allow for all" on it couldn't find it in the location C:\Program File\AVG\AVG10\NOTIFICATION\... file anywhere even under hidden files. However what I did find in there and I don't know why they should be there are:
Microsoft Picture It! Documents
update-payment-details-btn
update-payment-details-btn2
update-payment-details-btn3
update-payment-details-bkg
I may be wrong but seems suss to me in an AVG file app.
Atm I am getting stressed out about all this because I really don't know what I'm doing or how to apply things to put them right (even to do the hijackthis log). I might have to give this up as a bad job and let the paid professionals do the job and install another AV for me. Still hanging on though just in case, but not being 100% well doesn't help either <scream> sorry TD :D
Thanks again for your patience, what would I do without you guys.
Chrissie
-
Hi Chrissie, I fully understand your frustration, so I'm not going to even try and give you instructions that I don't think you would understand.
One thing I must stress is empty the recycle bin. Viruses use it to relaunch.
Going by the name of the files you mention they belong to a graphic of some sorts. You can disable them as I suggest, that is rename them by right click on the filename and select rename in the popup menu. Add a tilde '~' at the end of the name and save it. If you find that something doesn't work as it should, like missing buttons, then you can always remove the tilde '~' that you put at the end of the filename and they will work again.
The AVGINSTALLEDAPPX.EXE appears as though you can dis-allow for all, going by your explanation. If you can then dis-allow it, by removing a tick or what ever. You can always put it back again if that doesn't work.