boot scan - corrupt files?

Hi,

I did a boot scan after an unnotified infection and got the following -

http://i124.photobucket.com/albums/p32/r_i_c_2007/avastbootscan_zps5b27eca1.jpg

Is it possible to find the log from this boot scan please?


Currently I have problems - have done a full virus scan with Malwarebytes, but the desktop 32 bit Win7 is behaving strangely. Internet Provider is slow and hangs or crashes, and last night I couldn’t boot down. The IP will also not close then crashes when you try again to close or “will not respond”.

Any clues please?

Have also run CC Cleaner (which hung in normal mode but worked in Safe Mode) and Adw-Cleaner, although I notice the icon for adw is grey instead of brown, the original program asked to be updated which is when the brown icon swapped for the grey)

Thanks,

a_vast

files/archives that are corrupt is not something avast can do anything about… it is just a error message
it does not meane the files are infected. avast sometimes say corrupt about archives it can not unpack and scan

if you want a malware check, follow the logs guide at top in virus and worms section
when logs are attached, malware experts will be notified…

Hi,

Thanks. I just did a full Malwarebytes scan in Safe Mode. The result was negative, no files infected. So I booted back into normal mode and went to open Malwarebytes to check on the protection status. The computer immediately froze, only the mouse left working. I did a manual restart back into Safe Mode but have no idea where to go from here? I am typing this on a laptop.

Advice please.

Thanks again -

a_vast

follow guide and attach logs…not copy and paste http://forum.avast.com/index.php?topic=53253.0

AdwCleaner / OTL / aswMBR

Pondus thanks: can I get at these logs in Safe Mode please?

Otherwise, am getting worried by Adw_Cleaner. I was just asked by its company ‘Xplode’ to download the latest version - I did (red icon) and it cleaned some files but when I rebooted it had disappeared, it is nowhere on my laptop: what is happening please? This is a very useful program but after a while it always asks to be updated and then everything starts to go pear shaped?

Am giving the desktop a full AVAST scan because I can’t think of anything else to do at the moment, something has really upset this 2Core :-o

AV

Pondus thanks: can I get at these logs in Safe Mode please?
yes

latest AdwCleaner now have a quarantine…so you can restore, but just do the scan and log now

Right, nice and slow as she comes - am typing this on the desktop which seems to have recovered its senses after 12 hours of mayhem. Both the recent Avast and Malwarebytes full Safe Mode scans returned negative infected files.

But I cannot log as you recommend because this is the only ADW dialogue box I am seeing:-

http://i124.photobucket.com/albums/p32/r_i_c_2007/adw_cleanerok_zps0db0ddc8.jpg

I am attaching ADW and MBAM logs - hope these are the right ones? Here goes.

AV

Cannot download http://public.avast.com/~gmerek/[b]aswMBR[/b].htm - it either disappears without trace or turns up as a file that my computer cannot open.

and OTL ?

comin up :wink:

You have the old version of AdwCleaner this is the new one

https://dl.dropbox.com/u/73555776/AdwCleaner.GIF

Is MBAM now working on normal mode ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:Commands
[CREATERESTOREPOINT]

:OTL
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444552440000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

:Commands
[resethosts]
[emptytemp]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

V3 - that’s the one I’m running?

Affirmative can open MBAM :slight_smile: - found this - shall I delete these nasties - they are history but still in quarantine.

http://i124.photobucket.com/albums/p32/r_i_c_2007/MBAMquarantined_zpsc0e50a1e.jpg

Aye kill 'em how is the computer behaving ?

Thanks - have done - woah! what the Friday did OTL do?

Computer starting to behave like it’s old self again (relief)

Mainly we cleared all the temp files and caches

Try a defrag and that might speed it up a bit more

If all is well tomorrow I will tidy up

Will do - many thanks!

aswMBR.exe turned up - it had been downloading without my knowledge then pinned itself to the desktop when it was ready. Computer 90% improved but still giving me thrills and spills - last night everything was okay until I booted down, then it hung - closed all the programs but just hung at the final close screen, I had to manually switch off. Please advise further.

aswMBR.exe log attached.

thanks.

I should imagine that there was one hanging programme that refused to close

You can force programmes to close although it does require a reg tweak

Well I tried shutting down again - this time it told me it was installing updates, so I let it run. Trouble is 3 hours later there was the same message and nothing else. I booted down then up, then manually checked for updates. There were 3, two uploaded but the third just hung, it is a pain.

Is my computer clear though - are these just Microsoft glitches please?

Thanks,

AV

What is the KB number of the update that is not installing

This will be in the windows update history list as failed