Virus Cocktail, disabled system.

Hello, I’ve been using Avast home edition w/ the AV for quite a while now with no problems as far as I could tell. I was using the 4.8 version, I decided to update to 5.0 but instead of 5.0 Home edition I downloaded just Avast antivirus. After restarting programs sometimes load, sometimes don’t, majority of the computer functions becomes frozen within 30 seconds? Can’t CTRL+ALT+DEL, open programs from desktop and the bottom start bar is completely frozen.

I’ve been running 4.8 Home, Zonealarm Firewall, and MBAM for quite awhile without any problems I couldn’t solve. I’m a bit of a newb someone please help :slight_smile:

Basically what I think has happened is all the Viruses in the 4.8 Home chest weren’t transferred to the 5.0 chest and are going bonkers. Maybe I made an error or it was because I downloaded a wrong Avast version (just the AV instead of Home edition).

Check your computer for Malware with

Malwarebytes Anti-Malware 1.46 http://filehippo.com/download_malwarebytes_anti_malware/
always run update before you scan, so you have the lates database
click the remove selected button to quarantine anything found
you may post the scan log here

Try a clean install and see if that will fix it.

  1. Save a copy of newest version of Avast (5.0.594) for the version you need and save it to your HDD:
    Free – http://files.avast.com/iavs5x/setup_av_free.exe
    Pro – http://files.avast.com/iavs5x/setup_av_pro.exe
    AIS – http://files.avast.com/iavs5x/setup_ais.exe

  2. Download the Avast Uninstall Utility, aswClear5.exe http://www.avast.com/uninstall-utility and save it to your HDD (it has uninstall tools for both 4.0 and 5.0).

  3. Disconnect from the Internet at this time.

  4. Uninstall Avast through “Add/Remove Programs”.

  5. Boot into Safe Mode and run the Avast Uninstall Tool.

  6. Reboot twice.

  7. Clean your computer up (clean up cache, etc.). ( http://www.piriform.com/ccleaner )

  8. Install the newest version of Avast and reboot twice.

  9. Get Internet access and update Avast definitions.

  10. Register your copy or add the license key for Free, Pro or AIS.

  11. Reset your settings, if needed.

Sigh… the problem has worsened now. None of the programs load upon startup anymore (Avast, Zonealarm Firewall, other minor things). I try to go to the start menu but it keeps freezing almost asap. So the whole bottom bar seems disabled, ctrl+alt+del is disabled, and attempting to open anything on the desktop doesn’t work. Seem’s like whatever I had was being kept in check by the Avast on-scanner etc and now that I removed it, it has gone berserk.

     I've always used MBAM Pondus I'm really paranoid about viruses and things, I usually full system scan weekly w/ Avast & MBAM. Nothing has been found. My most recent infection (2-3 weeks ago) Was that Malware Gen32, alot of people are posting about it here with their problems. I ran a full scan found 5 copies of the virus all in the I moved them all to the Avast Chest. Hasn't been any problems since and further scanning has found nothing.

“Avast! Version 4.8 Home Edition - Free Antivirus” was what I was using.
Edit - May have been a huge error on my part, I don’t think I downloaded Avast 5 Pro, just the AV. What should I do now?
Thanks in advance for the help Pondus, and Everyone.
Phil

So I can ctrl+alt+del immediately once the computer starts before any freezing occurs.

I found what I believe two new processes which I’ve never seen before:
imapi.exe
sf.bin

It freezes shortly after and I can’t do anything again.

so are you able to follow Essexboys guide and post the logs ?
http://forum.avast.com/index.php?topic=53253.0

lower left corner: +Additinal Options > Attach > ( MBAM log / OTL.Txt and Extras.Txt )

It just seems to be freezing so fast I can’t do much of anything… I’d like to download OTL but it’s not possible.

Dr.Web Emergency System Recovery Disk http://www.freedrweb.com/livecd/?lng=en
How does it work? http://www.freedrweb.com/livecd/how_it_works/

Yeah I mean, sometimes Avast loads sometimes it doesn’t regardless, the end result is a DISABLED/ Semi-Frozen system. Is there a way I can systems restore in safe mode? Hopefully that can revert it to 3 days ago when I had 4.8 Pro and there were no problems whatsoever.

Edit When I wrote the original post it was in a rush middle of the night, so I think the title is misleading. This odd behavior definitely seems to be a virus, never has this happened on the system before.

If you have a non-infected computer, Try downloading Dr. Web Live CD from there.

You can also use Vipre Rescue or BitDefender Rescue CD.

Save me Essexboy! I’m having kind of similar problem to Memphis.T

I am still learning but i do know this
Once you get it fixed (and with these peoples help, you will get it fixed) you should have a variety of anti spy ware and virus programs
available to use…like:
Avast
Malwarebytes’ Anti-Malware (mbam)
ewido anti-malware
SuperantiSpyware
and maybe
aswar
hjt
and others…
also …I make shortcuts on the taskbar to these programs- It has saved me more than once, on several computers…it was due to the fact that I was able to quickly click on the taskbar shortcut to the program I needed before the virus kicked in.
after you do that make a few discs with the latest antispyware and anti virus ware to keep around…in case you cant connect to the internet…this has also saved me.

sorry if these are newbee tips…they may help someone though.

Bump? It’s been like over a week I still need some help :frowning:

Seems essexboy is away for a while…
You can go here for malware removal help.
http://support.emsisoft.com/forum/6-malware-removal-help/
asyn

Ty I’ll definitely take a look at that when I can(probably tomorrow). I just updated my old computer’s Avast from 4.8 -->5.0 through the Avast popup. Work’s perfectly fine. On my newer comp I manually downloaded 5.0 and installed it which led to this situation. Perhaps systems restoring in safe mode and updating through the program should do the trick?


You can try that, PhilDar, as that is the way I updated the 12 computers I support and it worked perfectly each time … though some other people have had a few problems with this method but I suspect there were extenuating circumstances.

So, do the system restore and then update as you did on your old computer.

Let us know how it goes.


I tried system restoring in safe mode, it loaded back up as if I didn’t system restore at all… what is going on?

That is a very annoying problem I can see. You have certainly tried a lot to remedy this. It seems that I’m “that guy” to always recommend this but have you tried backing up all your data and formatting? Hehe it’s a lot easier than spending a great deal of time trying to find a “fix.”

Sf.bin = avast scanning code executing thing.
Microsoft IMAPI (imapi.exe) = file info thing for vista/7.

Everybody else has suggested a great lot of tools to help you that is for sure. If you have tried them and a system restore you may have no other choice. Turn your computer off for 15 minutes and format that sucker, start from scratch. Always choose Quick Format options if you are using an older version of windows. No reason to do a HDD surface scan, unless you think your HDD is damaged. Which could be causing you problems. Sorry to be “that guy” but it’s the best way to fix stuff within two hours! Just be sure to do backups but if you can’t good luck fixing it.

Just out of curiosity how long has it been since you have formatted your machine and done a fresh install? You should do it about once every 3-10 months for optimal computer performance. It could just be corrupted files on your computer that are causing errors and making your system lock up.

A format would help you determine if it was a software or hardware issue after as well.

I’m hoping to fix without reformatting, that usually is a last resort I don’t want to lose all my history, files, all that. If there was a way to back up your data then reformat then I’d consider it, but I don’t know how to do that, nor have I ever personally formatted a computer to optimize performance.

Out of curiosity are you able to do anything in safe mode? Since you have tried a restore and it didn’t work. You should be able to install these programs/run scans and such that have been advised by the helpful posters. It looks like you have access to a working machine. Burn a CD w/ all the programs people have advised or use a USB drive to transfer it to the machine during safe mode (unless you already have). Then run every scan available. If you have already done this let us know what is going wrong in safe mode. If not, this should allow you to pinpoint what the infected file(s) is/are. That’s going to be a big step if you can figure out through safe-mode what the culprit is. Once you figure that out it’s pretty much just step-by-step fixes after that.

I have a habit of backing everything up on my system weekly or bi-weekly anyway. I have an external drive I just go bananas with. If you have another machine it may be possible to mount the drive (as a slave) to it and extract whatever data you want to save. Then format it to reinstall windows. That’s a decent way to do it. I have a USB IDE HD enclosure I use to store stuff on my old 30-50GB drives as removable media and extract data from drives in the condition of yours. Sorry you are having so much trouble. Good luck let us know your progress and steps taken.

I already have Mbam and Avast 5.0 AV on the system installed. Could you give me a tutorial on how to open/access them in safe mode. If there is a way to update them too that would be gravy. Thanks for the feedback btw.