Boot Scan {data error}

After encountering a problem where the machine appears to be rendered slow/unusable … I decided to start a boot scan last night.

My win7 laptop has been running this boot scan for over 12 hours, and is at about 48%, that is, last time a percentage showed up. I get tons of files with {data error}, and {…archive is corrupted}. When it encounters these, it seems to hang for about 10 minutes, then continues. It did hit a few virus files a few hours ago, but now I’m seeing more of the {data error} and {… archive is corrupt}. Some of these are on ‘downloads’, others on windows files?

Any ideas?

I assume I should let this finish.

Will avast ‘handle’ the {data errors}, or am I in trouble here?

Thanks in advance…

C…

avast is a antivirus program…the only files of interest to it are infected files

files that can not be scanned are just that…it does not mean they are infected
avast is just giving you a error report and the reason why

Thanks for that info.
Is there any way to get it to skip over a file with a {data error} it appears to be hanging on?
I’d like to see if this can finish before I wipe the whole machine back to factory.

C…

hi fourthrail,

I suggest letting avast! finish the boot scan first and then consider using the free expert malware services available here before taking the drastic step of restoring to factory condition. At least that way, the expert helping you can say whether a factory state better for you or if a cleansing of your system will be effective and make your system trustworthy, or not.

He will need certain logs to help you reach that decision, and will work with you if you decide to clean or restore to factory. Just be aware there are ways to save your personal files if you decide to do so. All you have to do is ask.

Here: http://forum.avast.com/index.php?topic=53253.0

Programs needed to run: AdwCleaner, Malwarebytes, OTL, and aswMBR.exe If you can get into safe mode, some of these programs can be run safely provided you scan only and do not make any changes to your system via quarantining/deleting any found malicious files.

Please attach the resulting logs in your next reply.

I will give this a shot.
The machine is largely unresponsive … eg: open app, wait 5 minutes, click, wait 5 minutes …

Malwarebytes running in safe mode is hung.

Currently scanning: C:\PROGRAMDATA\WildTangent.…-extr.exe

hi fourthrail,

OTL is the main one. If you can get that to run, be patient. If none of them work, then someone like essexboy can work around these issues and still get the information we need to cleanse your system. One way is to work outside of Windows where it is not running but the program you will run does.

I know it is frustration and annoyance to the hilt to have this happen, but if you need to know, for example, how to save your personal files, just ask. At least once that is done, no worries about losing those anymore.

I will notify a malware expert to assist you with this advanced recovery procedure if you wish.

EDIT: The good news is, you apparently are able to get into Safe Mode. Does not always happen in a case like this.

OTL running now … seems to be sitting a long time on a Chrome/Extension.
Waiting it out.

OTL logs attached.
Thanx for all the assistance mc.

Hey, big kudos for getting that done! Good job!

Off to notify and get help for you now.

As our malware specialists are living in possibly different time zones than you, please be patient and keep and eye out here.

Hi first we will need to remove all the toolbars and other such stuff

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:OTL
O2:64bit: - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension64.dll ()
O2 - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll ()
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll File not found
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - !!{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !!{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !!{C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !!{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !!{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !!{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !!{C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !!{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll File not found
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
[2012/09/24 18:39:25 | 000,000,000 | ---D | C] -- C:\Users\Haley\AppData\Local\Ilivid Player
[2012/09/24 18:38:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLivid

:Files
C:\PROGRA~2\IMESHA~1
C:\Program Files (x86)\StartNow Toolbar
C:\PROGRA~2\SEARCH~1
C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)
C:\Program Files\IB Updater

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

CLEAR THE BAD TOOLBARS

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

https://dl.dropbox.com/u/73555776/AdwCleaner.GIF

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

Will give this a shot.
Thanx again in advance.