Hi.

I have a licensed copy of Avast Internet Security.

I also have current and valid licenses for Malwarebytes, Bit Befender & Webroot.

I am now pretty sure that I am under attack. Every single anti-virus / anti-malware program that I get fails miserably. And each time I do anything about it, things seem to get worse.

At first, Malwarebytes became so bloated that it was completely ineffective, a resource hog in itself. I used the rescue disc and tried to scan the boot drive, but after it found a couple viruses, it could never complete the scan and would reboot the computer. But after a couple of attempts at full scans from the CD, I lost access to Windows.

Eventually, I wound-up with a hard drive error, and I sent the old one back, still under warranty. I purchased a new SSD drive. I recovered most of my files from a NAS drive device, but I lost a lot.

To avoid the virus, I did a fresh install of 64 bit Windows Ultimate on the new SSD, instead of using the older HDD I had upgraded from. I have Service Pack 1, 4GB RAM, core2 duo P8400 @ 2.26 GHz & 2.27 GHz.

But even after a fresh install, after a while, I ran a full scan and the system would reboot, everytime. Now I just ran a full scan with Avast and the system rebooted.

I don’t think there is anything in the world that will protect my system.

Attach your basic diagnostic logs. (MBAM, FRST and aswMBR)
Instructions: https://forum.avast.com/index.php?topic=53253.0

To be clear…

Malwarebytes did not work, so I went out and bought Bit Defender and used that instead when rebuilding the boot drive with fresh installs.

Soon, Bit Defender was rebooting upon a full scan after showing me it found a virus (which it let through).

So I bought Webroot and it got rid of that virus, but soon it let another by that really screwed me up. So I bought Avast. I was very happy when it performed a full scan and did not reboot.

Yersterday I lost access to the BDR. But today we found out my client’s website was hacked. Very unusual. I saw my client had a new upgrade to Avast. After deleting various hack files on my client’s host account, I ran a full Avast scan and it crashed.

I am so tired of this.

Yes, I only run one anti-virus / anti-malware program at a time. Yes, it passes a multipass memory test.

This just sucks so bad.

If you want help, we need your logs.

I just installed and ran Malwarebytes. It completed successfully with 0 threats.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/21/2015
Scan Time: 6:05 AM
Logfile: MBAM_scan-log.txt
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.08.21.03
Rootkit Database: v2015.08.16.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Doug

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 383643
Time Elapsed: 20 min, 49 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

OK…

So now let me ask, why am I using MBAM all over again? And why did Avast Crash and reboot my machine?

Is Avast not up to the task of protecting my computer?

OK, I see rootkit scanning was not enabled. I am rescanning. I think the problem is a rootkit. At least I had Avast scanning for rootkits when it failed.

Hi Domainer

From the link Asyn posted, most and for all we need the two logs from Farbar Recovery Scan Tool called FRST.txt and Additions.txt.
Please attach those logs to your next reply.

Greetz, Red.

Trying this again…

ASWMBR seems stuck.

No malware apparent on this system. If you clean installed on a fresh drive then unless you got infected by downloading something it should remain clean

That should be good news, but the issue still remains, Avast crashed and rebooted the system for no apparent reason and Power2Go refuses to load because I “lost access to the drive”. ???

Why am I using Malwarebytes when it slows my system way too much? It’s terrible, a real resource hog. It was using up 70% or more of the CPU when I decided to nix it after it couldn’t scan and it was rebooting the system, too. Probably, that’s why I got paranoid.

Are you guys running MBAM & Avast together? Wouldn’t that be really hard on the system?

So, I suppose I should try to reinstall Power2go? I’ll try to scan with Avast one more time. If it crashes my system I will start looking for something else.

Have you considered that one of your programmes may be conflicting with antivirus scans ?

Hi…

I very definitely have a virus.

I ran another scan with Avast whille I was passed out. When I awoke just a few minutes ago, I was looking at the Windows login screen, so the system rebooted.

Now, you can say that it is a combination of programs if you want. But I have run these very same programs before. The only thing new is that I left MBAM operational and turned Avast on.

But when I booted up to my desktop, it was completely black. The mouse shows up, but that is all I see,and the coffee cup sprite from what I think is Media Expresso from my Cyberlink Media Suite 11 Ultimate package shows up. But that is all.

When I clicked on the Media Expresso coffe cup sprite, it just disappeared.

I clicked on what would be the area for my start button and .othing happened.

I clicked.next to that, hoping to activate and run a quick link, but.all I have before me is a mouse arrow pointer.

Now, you can say that I am disturbed. Because I have another computer in my house that has a video screen that is all black. We thought it was a problem with the video card, but that didn’t make sense either, because it works fine until it boots into Windows 7 ultimate. That is my son’s computer. It doesn’t even show a mouse pointer, though. And when we shut it down, we have to hold in the power button.

Getting back to my PC, I was able to see screens again when I shut it down by poking the power button, and then I would see glimpses of screens. Like I could see that there was a program running that needed to be closed in order to shutdown, briefly. Then, I finally saw the shutdown screen.

Once logged out I could see the shutdown screen clearly. But, that is where it stayed.

So I had to hold in the power button in order to get the laptop PC to fiy shutdown all the way.

I am writing this on a smart phone.

Am I paranoid to think I am under attack? I don’t think I am.

Obviously, something is wrong, big time. Not just with my computer, but with my son’s desktop as well.

I have Windows PE on a Flash drive, I will try to boot into that. I made it for my son’s PC. But then he went to bed after I did and then my client’s website was attacked and so we changed all the passwords and deleted all the files.

So I will try to boot into the flash drive now. But this looks like an attack on me, to me, now.

Work outside of windows

Create an emergency repair USB drive:
Download Dr Web Live USB to your desktop

[]Connect a USB flash drive to the computer. Registering the plugging in event takes no more than 10 seconds.
[]Launch drwebliveusb.exe.
[*]The program will detect available USB-devices automatically and prompt you to choose the one you?d like to use as an emergency repair drive. You can format the device if you like (a warning will be displayed before you proceed with formatting). In order to read the License agreement, follow a corresponding link found in the program window (the page containing the license agreement text will be loaded in your default browser).

https://dl.dropbox.com/u/73555776/liveusb_ru.jpg

[]To create a bootable USB flash drive, press the Create Dr.Web LiveUSB button.
[]Files will be copied automatically.
[]Once the copying process is completed, press the Exit button to close the application.
[]Reboot the infected computer with the USB in the drive
[]Ensure that the first boot device is USB - If you are not sure about that then see this page for instructions
[]As loading starts, a dialogue window will prompt you to choose between the standard and safe modes.

https://dl.dropboxusercontent.com/u/73555776/Live%20boot%20screen.png

[*]Use arrow keys to select DrWeb-LiveCD (Default)

https://dl.dropboxusercontent.com/u/73555776/drwebselect.JPG

[*]Press select objects for scanning

https://dl.dropboxusercontent.com/u/73555776/drwebfolders.JPG

[*]When the system is loaded, check the disks or folders you want to scan, and click on Start.

[*]The programme will now scan for and cure/delete any malware that it finds. Allow it to do so

https://dl.dropboxusercontent.com/u/73555776/drwebscan.JPG

[*]When it has completed

https://dl.dropboxusercontent.com/u/73555776/drwebscancomplete.JPG

[]Select Open Report and copy to the USB
[]Once completed reboot to normal windows, and attach the report here

Ok…

I am still on my (not so) smart phone.

I killed the wifi. My router usually has a power light that isn’t displaying when its on. It is supposed to be, so I unplugged it.

The chinese tried to log into my account on my client’s website 84 times last night. It has been locked down with an SSL certificate and extra eyes on it, now.

On my computer, I cannot boot to the Windows PE flash jump drive, but I was able to log in with safe mode. I did a disk clean and then tried to run disk degragmenter and have it check the empty sectors too, but it will not run.

So now I will try to figure out a way to download that usb program on my cell network to a whole different computer.

This is absolutely insane.

Here is another question…

I cant get Cyberlink PowerBackup or Acronis PC Backup and Recovery to work reliably on my system. They worked sometimes but would take days to make a. Backup. And sometimes they would just fail and crash the PC. So I grabbed AOMEI Backupper because it was a freeware backup program that appeared to work well and reliably. I was even going to buy it as soon as I got back on my feet (I have been out of work for a couple months). But it is a Chinese product. Is it possible that it is the source of all these hacking attacks?

Of course, the MBAM anti-malware programs rebooting my machine all the time on scans/protection started before I downloaded it.

Thanks, you guys.

I made another post. It isn’t showing up?

OK…

Now I am back on my computer. The last post I made had to do with when I was exiting Windows safe mode, it did a Windows Update, I have no idea why or how (no network)??? Then it rebooted straight into loading windows, and then did another Windows Update screen for a very long time. I was scared to shut it down, the drive was very active. I poked the power button when it said 100% update and was worried when it wasn’t shutting down. But, then after a very long time, it did.

I did a “Last Known Working Config” from the advanced boot menu (I think that’s what it is). I am using my cell phone for internet access (WiFi Hotspot).

I still need to do the USB thing, but I have to figure out how to get access to the bios to make sure it is the first boot option. I am looking through my documentation at the Sony site, but I can’t find anything on how to get into the bios.

There has to be something wrong if Avast is always crashing on a deep scan. The cyberattack was no joke, and it is not a coincidence that my son’s computer has a black screen upon Windows bootup, either.

This is all very discouraging. I am so angry at the chinese right now.

I can’t find the key to push to enter the bios in any documentation. As I have an SSD drive, I can’t try everything, I’m rebooting like crazy trying to find it, now.

https://community.sony.com/t5/VAIO-Upgrade-Backup-Recovery/How-can-I-enter-bios-on-my-vaio-I-want-to-boot-from-the-cd-drive/td-p/60063

I have now downloaded that DrWeb LiveDisk flash drive app 3 times. Each download has an error: Failed - System busy

I noticed the last time that it actually went to 100% download in Chrome. But then the error.

If only I had enough money to buy a new computer. This is ridiculous.

I downloaded Dr.Web LiveDisk to another computer and put it on a Flash Drive, then booted up to it.

It didn’t find a thing.

So, now we are back to the original question. I have a licensed copy of Avast good for nearly another year. I even have other anti-virus and anti-malware software.

Avast is crashing with every deep scan. That is an issue. It is NOT a virus, we all know that now. But it is a problem. Why is it a problem is the grand old million dollar question. If Avast doesn’t care to correct the issue (which it apparently doesn’t, as here I am reporting the issue and jumping through all these hoops because Avast itself made me even more paranoid with every crash), I still need a solution that works.

Any recommendations on a good and reliable full featured anti-virus AND anti-malware internet security suite to replace Avast with? It seems I am trying them all. What the heck?

Follow instructions: https://www.avast.com/faq.php?article=AVKB33#artTitle