After encountering a problem where the machine appears to be rendered slow/unusable … I decided to start a boot scan last night.
My win7 laptop has been running this boot scan for over 12 hours, and is at about 48%, that is, last time a percentage showed up. I get tons of files with {data error}, and {…archive is corrupted}. When it encounters these, it seems to hang for about 10 minutes, then continues. It did hit a few virus files a few hours ago, but now I’m seeing more of the {data error} and {… archive is corrupt}. Some of these are on ‘downloads’, others on windows files?
Any ideas?
I assume I should let this finish.
Will avast ‘handle’ the {data errors}, or am I in trouble here?
Thanks for that info.
Is there any way to get it to skip over a file with a {data error} it appears to be hanging on?
I’d like to see if this can finish before I wipe the whole machine back to factory.
I suggest letting avast! finish the boot scan first and then consider using the free expert malware services available here before taking the drastic step of restoring to factory condition. At least that way, the expert helping you can say whether a factory state better for you or if a cleansing of your system will be effective and make your system trustworthy, or not.
He will need certain logs to help you reach that decision, and will work with you if you decide to clean or restore to factory. Just be aware there are ways to save your personal files if you decide to do so. All you have to do is ask.
Programs needed to run: AdwCleaner, Malwarebytes, OTL, and aswMBR.exe If you can get into safe mode, some of these programs can be run safely provided you scan only and do not make any changes to your system via quarantining/deleting any found malicious files.
Please attach the resulting logs in your next reply.
OTL is the main one. If you can get that to run, be patient. If none of them work, then someone like essexboy can work around these issues and still get the information we need to cleanse your system. One way is to work outside of Windows where it is not running but the program you will run does.
I know it is frustration and annoyance to the hilt to have this happen, but if you need to know, for example, how to save your personal files, just ask. At least once that is done, no worries about losing those anymore.
I will notify a malware expert to assist you with this advanced recovery procedure if you wish.
EDIT: The good news is, you apparently are able to get into Safe Mode. Does not always happen in a case like this.
:OTL
O2:64bit: - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension64.dll ()
O2 - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll ()
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll File not found
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - !!{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !!{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !!{C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !!{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !!{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !!{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !!{C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !!{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll File not found
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
[2012/09/24 18:39:25 | 000,000,000 | ---D | C] -- C:\Users\Haley\AppData\Local\Ilivid Player
[2012/09/24 18:38:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLivid
:Files
C:\PROGRA~2\IMESHA~1
C:\Program Files (x86)\StartNow Toolbar
C:\PROGRA~2\SEARCH~1
C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)
C:\Program Files\IB Updater
:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN
CLEAR THE BAD TOOLBARS
Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete