Hello, since I was having problems with downloaded .asf files, I was prompted to follow recomendations posted by essexboy in “Topic: Log to assit in cleaning malaware”. I followed the indicated instructions, I did run MBAM (log attached), then I did OTL (OTL.txt and Extras.txt attached) and then did aswMBR.exe as told. While runing this last program, at a certain point it crashed (“Windows unexpected crash” crash.jpg attached) and restarted the computer. I ran aswMBR.exe for a second time and at the expected crash point saved a log (aswMBR.txt and MBR.dat attached) and after a few seconds the program crashed again.
I would appreciate if someone could assit me with this problem.
Note: I am attaching to this post the mbam-log, OTL.txt and Extras.txt, since I only can attach a maximun of 4 files. The other 3 files, aswMBR.txt, MBR.dat and crash.jpg, will be attached to a second post to follow the present one.
I dont know if this is the right way to do it or not.
Thanks
post your logs in one topic, dont create a new for every attachment http://forum.avast.com/index.php?topic=96849.0
you click the reply button here…and attach those logs you could not in first post
Ok here are the 2 missing files in my initial post: mbam-log and OTL.txt plus aswMBR.txt and crash.jpg from my second. Do I have to send the MBR.dat also?
Apologize for the mistakes, but I am new to all this. Thank you
Hi lets use a different tool to look at the MBR
Download the latest version of TDSSKiller from here and save it to your Desktop.
[*]Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_1.jpg
[*]Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_2.jpg
[*]Click the Start Scan button.
http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_3.jpg
[*]If a suspicious object is detected, the default action will be Skip, click on Continue.
http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_4.jpg
[*]If malicious objects are found, they will show in the Scan results and offer three (3) options.
[*]Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_5.jpg
[*]Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of “TDSSKiller.[Version][Date][Time]_log.txt”. Please copy and paste its contents on your next reply.
Thanks for your reply essexboy. Attached TDSSkiller report and TDSSKillr.jpg final window.
Thanks for your help.
What are the current problems ?
While runing the scan at aswMBR.exe the program keeps crashing, giving the same result and stated before.
Could you try aswMBR from safe mode please
Ok I ran aswMBR.exe from safe mode. Scan finished successfully. What does this mean? Saved log attached. Thanks
That would indicate that a driver in normal mode is interfering with aswMBR’s function. But, it again shows clean so I do not think it is anything to be concerned about
I really appreciated your assistance along this issue. Thanks a lot essexboy
Run OTL and hit the cleanup button to remove it ;D