Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Boot execute Mystery


  • Please log in to reply
4 replies to this topic

#1 Budnarrow

Budnarrow

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Minnesota
  • Local time:11:34 PM

Posted 27 March 2015 - 09:48 PM

Hello I am knew to this forum so be easy on me j/k

I was searching through system internals autoruns and I found this in my registry can someone explain what this is in Bootexecute? to me it don't look legit Attached File  file not found boot execute.JPG   64.44KB   0 downloads

 

I went to scan the MBR with Avast MBR stand alone scanner with [....] and my computer went into the BSOD.

==================================================
Dump File         : MEMORY.DMP
Crash Time        : 3/28/2015 4:23:03 PM
Bug Check String  : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x0000000a
Parameter 1       : 00000000`00000000
Parameter 2       : 00000000`00000002
Parameter 3       : 00000000`00000000
Parameter 4       : fffff800`02e91b34
Caused By Driver  :
Caused By Address :
File Description  :
Product Name      :
Company           :
File Version      :
Processor         : x64
Crash Address     :
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : F:\Documents\Computer tech\BSOD\MEMORY.DMP
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 1,539,457,390
Dump File Time    : 3/28/2015 4:24:09 PM
==================================================

Can someone please help me?, I think my computer is infected.


Edited by Budnarrow, 28 March 2015 - 05:41 PM.


BC AdBot (Login to Remove)

 


#2 Budnarrow

Budnarrow
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Minnesota
  • Local time:11:34 PM

Posted 29 March 2015 - 05:26 PM

an update to this post this is from last night:

 

I did some other scans with malware bytes, SUPERanti-spyware, ESET and system mechanic. malware bytes found some 36 infections and removed them. my computer is a little faster but it still boot kinda slow for a SSD. still will have to find someone who can help me with the boot.

 

I think I will have to re-name the standalone scanner something other than Avast and run it again and see if it BSODs again or finds the problem and reports what it is in a text file.

 

I ran Kaspersky's Boot scan utility and it didn't find anything

 

I than ran Kaspersky's autorun scan tool and it repaired two registry keys. I would show you the screen shot but it doesn't work so well with this forum.

 

This is from earlier today:

an update is that my anti-malware is getting disabled. I have had to once again re-install my anti-malware program. where I have been getting all of my problems? it from listening to radio stations internet players.

 

I went into safe mode with networking renamed the tool and ran the Avast MBR standalone scan tool. it updated definitions again but got a little way through the scan and then the scan tool crashed itself. when it got to a Microsoft office file. I do remember it being a root file and then some. the program crashed and I was forced to exit the program and so there was no .txt file.

 

I ran the Farbar recovery scan tool and there was three .txt files created but no fix list created. so apparently my computer is clean.

http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/


Edited by Chris Cosgrove, 29 March 2015 - 06:15 PM.
Moved from Win 7 to 'Am I infected?'


#3 Robear Dyer

Robear Dyer

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:34 AM

Posted 30 March 2015 - 05:49 PM

cf. http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/avast-mbr-tool-bsod/9ece2e01-fff6-4ad7-8906-9961fb1b80b0


~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE, Security, Shell/User)
Aumha VSOP, Admin & Moderator

#4 Budnarrow

Budnarrow
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Minnesota
  • Local time:11:34 PM

Posted 02 April 2015 - 07:57 PM

That is my microsoft post about this same subject. i am trying to get as much help as i can.



#5 Budnarrow

Budnarrow
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Minnesota
  • Local time:11:34 PM

Posted 02 April 2015 - 08:26 PM

i have been getting the same virus over and over again and this is the virus:

W32/Agent.YM.gen!Eldorado;

it gets into the master boot.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users