Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Boot Scan with AVAST! wrecked my WIN7 OS computer


  • This topic is locked This topic is locked
9 replies to this topic

#1 keenidea

keenidea

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:00 PM

Posted 02 June 2014 - 11:08 PM

I have an Acer AX3810-U1802 desktop running 64-bit Windows 7 with Microsoft Security Essentials (MSSE) as the only virus/malware software.  I purchased the computer new several years ago, and it is stock (i.e., no hardware mods).  Recently my wife got some sort of pop-up while using Skype, and she clicked on a "No Thanks" button in the pop-up window.  This immediately resulted in slow-down of the computer (especially while surfing the internet) and the start of ghost audio (e.g., like listening to FM radio ads with bad reception) playing constantly after connecting to the internet, and this ghost audio would not stop unless the computer was restarted, and then would always immediately start again after reconnecting to the internet by opening MS Explorer browser.  I immediately performed a full scan of the hard drive with update-to-date MSSE and it found nothing suspicious.

 

Soon after, a neighbor who recently graduated with a degree in computer IT told me to try using AVG or AVAST! to perform the virus/malware scan.  I downloaded free AVAST! and it immediately discovered a Trojan virus, and then recommended that I allow it to automatically restart the computer and perform an AVAST! boot scan.  Since I was very pleased that AVAST! found something during the initial scan and seemed to be doing something positive, I agreed to let it perform the boot scan.  I only sat through the first 10 minutes of the process where it found several suspicious items and offered me many options of handling them.  I kept selecting the default option of "automatically fix" thinking that AVAST! would be smart enough to know how to handle each item (e.g., repair, quarantine, delete, ignore, etc.).  I came back a few times to check on the process, and at one point I found it paused on one item that it said it had tried to unsuccessfully delete, so I just selected "ignore" for that one item and let it proceed onward.

 

An hour later I came back and found the computer engaged in an continuous loop of automatically restarting/rebooting each time it got to the Windows logo point in startup.  I was able to use F8 to get to the advanced boot menu, and out of the many menu options (which include a full system restore), I attempted to just start in Safe Mode (twice), but it only lets me enter the computer ID and password, and then it just pauses and automatically goes back into the same continuous reboot loop again. I did not try executing any other options on this advanced boot menu.  Also, please know that I did make a set of restore discs when I originally got the computer, but for me a full restore would be a last resort, and it is not even clear to me whether that would work given the current dysfunctional state of this computer.

 

After reading many of the various forum threads here and elsewhere, I got the impression that there may be a portable program like FARBAR Recovery Scan Tool, or some other repair tool that might be able to find and repair whatever damage was done to the OS / boot sector on my computer.  I am somewhat confused about what to try next and fear I may just do additional damage and completely brick the computer, so I have done nothing further at this point.  Unfortunately, since the computer will not even boot up properly, I am unable to generate any diagnostic logs now.

 

Emergency aid from one of the trained professionals in this forum would be greatly appreciated to get my computer running and disease-free again.  Thanks so very much.

 

- Andrew



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:00 PM

Posted 07 June 2014 - 11:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/536427 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Bud_91

Bud_91

  • Malware Response Team
  • 438 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:00 PM

Posted 11 June 2014 - 09:18 AM

Hello and welcome to Bleeping Computer. I am sorry that you are having troubles with your computer and will try my best to help you. I know that being infected is very frustrating, but I will be here to help you through the whole process of cleaning. Removing malware can be difficult and complicated and will most likely take many steps, so please stick with me until I have declared your computer clean. I always recommend printing my instructions before following them in case you cannot keep this webpage open. Please be sure to alway follow all steps exactly as they are written and let me know what happens each time. Stop and ask if something unexpected happens or if you are unsure of how to proceed.
 
Please respect my volunteered time and stay with me until I declare your computer clean. If you are going to be delayed for a while, please let me know.
 
Let's see if we can get a scan.
 

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.
 
Plug the flashdrive into the infected PC.
 
Enter System Recovery Options.
 
To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
 
 
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe and press Enter
  • Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  •  
    FRST.PNG
     
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

  • Edited by Bud_91, 11 June 2014 - 09:19 AM.

    If I have not responded to your log in 36 hours, feel free to send me a PM.

    If you would like to make a thank-you donation, please click here: btn_donate_SM.png

     

    A.K.A. Buddierdl @ GeeksToGo.com


    #4 keenidea

    keenidea
    • Topic Starter

    • Members
    • 4 posts
    • OFFLINE
    •  
    • Local time:08:00 PM

    Posted 13 June 2014 - 11:29 PM

    It's been a rough week, but I should be able to get going with the FRST scan this weekend and then proceed quickly through the full repair procedure.  Thanks for your patience. 



    #5 Bud_91

    Bud_91

    • Malware Response Team
    • 438 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:09:00 PM

    Posted 15 June 2014 - 01:48 PM

    :thumbup2:


    If I have not responded to your log in 36 hours, feel free to send me a PM.

    If you would like to make a thank-you donation, please click here: btn_donate_SM.png

     

    A.K.A. Buddierdl @ GeeksToGo.com


    #6 Bud_91

    Bud_91

    • Malware Response Team
    • 438 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:09:00 PM

    Posted 19 June 2014 - 01:30 PM

    Have you been able to follow the instructions?


    If I have not responded to your log in 36 hours, feel free to send me a PM.

    If you would like to make a thank-you donation, please click here: btn_donate_SM.png

     

    A.K.A. Buddierdl @ GeeksToGo.com


    #7 keenidea

    keenidea
    • Topic Starter

    • Members
    • 4 posts
    • OFFLINE
    •  
    • Local time:08:00 PM

    Posted 21 June 2014 - 09:04 AM

    Not yet, a family member is moving and I am completely tied up with them for the next few days.  I should have time on Tuesday.  Thanks for waiting.



    #8 keenidea

    keenidea
    • Topic Starter

    • Members
    • 4 posts
    • OFFLINE
    •  
    • Local time:08:00 PM

    Posted 26 June 2014 - 11:50 PM

    Please close this topic thread.  I decided to perform a full system restore with fresh installation of all software so that I would have a clean install to create a backup system image.  That way this type of malware problem in the future will take 15 easy minutes to cure, rather than many frustrating hours.  However, please know that your attention and willingness to help is greatly appreciated.  Thanks again.



    #9 Bud_91

    Bud_91

    • Malware Response Team
    • 438 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:09:00 PM

    Posted 27 June 2014 - 08:22 AM

    You're welcome.


    If I have not responded to your log in 36 hours, feel free to send me a PM.

    If you would like to make a thank-you donation, please click here: btn_donate_SM.png

     

    A.K.A. Buddierdl @ GeeksToGo.com


    #10 Bud_91

    Bud_91

    • Malware Response Team
    • 438 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:09:00 PM

    Posted 27 June 2014 - 08:22 AM

    It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

    If I have not responded to your log in 36 hours, feel free to send me a PM.

    If you would like to make a thank-you donation, please click here: btn_donate_SM.png

     

    A.K.A. Buddierdl @ GeeksToGo.com





    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users