Author Topic: [Resolved - K] Avast detected delay.exe, FF and IE running slower with errors  (Read 6122 times)

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Thanks for the update, leave MBAM for now and try the following:

Please read carefully and follow these steps.
  • Download TDSSKiller from here  http://support.kaspersky.com/downloads/utils/tdsskiller.exe and save it to your Desktop.

  • Doubleclick on to run the application.

  • The "Ready to scan" window will open, Click on "Change parameters" 





  • Place a checkmark next to Verify Driver Digital Signature  and Detect TDLFS file system, (Leave "Service & Drivers" and "Boot Sectors" ticked. Click OK.
     





  • Select "Start Scan"



  • If an infected file is detected, the default action will be Cure, change to Skip then click on Continue.





  • If a suspicious file is detected, the default action will be Skip, click on Continue.





  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.





  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Next,

Please download aswMBR from here: http://files.avast.com/files/rootkit-scanner/aswmbr.exe Save to your desktop.

  • Double click theaswMBR.exe icon, and click Run
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


Note: There will also be a file on your desktop named MBR.dat do not delete this for now. It is an actual backup of the MBR (master boot record).

Post those logs to your next reply....

Thanks,

Kevin....

Offline Kat540

  • Bronze Member
  • Posts: 54
I tried to copy and paste the TDSSKiller report but I got this message "The following error or errors occurred while posting this message:
The message exceeds the maximum allowed length (65000 characters)." I tried to delete few lines at the top but it still wouldn't let me post.   For the aswMBR program it told me my computer supports virtualization technology and asked if I want to use it for rootkit detection. I've never heard of that so I didn't know whether to say yes or no.


Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Attach the TDSSKiller log, accept the offer from aswMBAR .... :t

Offline Kat540

  • Bronze Member
  • Posts: 54
The first time I ran aswMBR the PC completely froze. The second time it ran fine though. There were a few different options for the AV scan I wasn't really sure what to choose so I chose the C drive. TDSSKiller said it found some files but they seem to just be an ASUS file and the mouse, chose skip like you said but it didn't cure so I'm not sure if it needed to or not.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Those logs from TDSSkiller and aswMBR are clean, no malware or infection.... Run the following to clean up tools we`ve used.

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:


  • Remove disinfection tools
  • Reset system settings

Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…

Let me know if any remaining issues or concerns...

Kevin

Offline Kat540

  • Bronze Member
  • Posts: 54
I am still getting FF errors one of which occurred a few minutes ago, but thank you for all your help

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Hiya Kat540,

If Firefox is the only remaining issue run "Refresh" and see if there is any improvement, instructions at following link:

https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings?redirectlocale=en-US&redirectslug=reset-firefox-easily-fix-most-problems

With Firefox open select these keys together :- Ctrl - Shift - A that will access Addons manger, search for and install the following addons:

Webutation, Adblock Plus, Adblock Plus Pop-up Addon, Flash Block

Is there any improvement?

Thanks,

Kevin...

« Last Edit: April 17, 2015, 02:30:46 PM by kevinf80 »

Offline Kat540

  • Bronze Member
  • Posts: 54
Hi, I refreshed FF and downloaded the add-ons a few times I had trouble with downloading them I kept getting errors. I'm also still getting the content encoding error and the secure connection error. I get both errors on different websites so its not always the same one.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Close Firefox down, open Internet Explorer. Surf about with IE, do you have any issues using that browser?

Offline Kat540

  • Bronze Member
  • Posts: 54
Ok, I tried using IE and I had loading problems on there as well. Sometimes it would just seem to hang there in loading until I pushed stop then reload. I also got a cannot display error on IE.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
As these issues not appear to be malware/infection related run the following system check/repairs:

Download Portable Windows Repair (all in one) from one of the following:

http://www.tweaking.com/content/page/windows_repair_all_in_one.html
http://www.majorgeeks.com/Tweaking.com_-_Windows_Repair_Portable_d7222.html
http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/

Unzip the contents into a newly created folder on your desktop.

Open the folder, run the tool by right click on Repair_Windows (icon with red briefcase) select "Run as Administrator"




From the main GUI do the following:


Select Tab 3 and allow it to run Disk check




Select Tab 4 and allow it to run SFC




Select Tab 5 and Create System Restore Point




Select Repairs tab => Click the Open repairs tab




The repairs window will open, Check the boxes as indicated, also the "Restart" option, then select Start...




DON'T use the computer while each scan is in progress.

Post the log, to access select "settings" tab > "open log folder" tab, log will be named _Windows_Repair_Log





Let me see that log,  also do we see any improvement....

Offline Kat540

  • Bronze Member
  • Posts: 54
I tried giving it a little test run to see if there was improvement and at first there seemed to be, but now it seems to be having the same problems again. It also won't install the FF update which is a problem I had before until I used Avast to update. I get an error after the download for the update "There were problems checking for, downloading, or installing this update. Firefox could not be updated because: The integrity of the update could not be verified" . I attached the log also

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
If you successfully ran sfc /scannow and chkdsk with the windows repair tool we need to see the saved logs....

1. Select the Windows key + R key together to open the Run dialog box, type powershell.exe and press Enter.

2. In PowerShell, copy and paste the command below, and press Enter.

get-winevent -FilterHashTable @{logname="Application"; id="1001"}| ?{$_.providername –match "wininit"} | fl timecreated, message | out-file Desktop\CHKDSKResults.txt

A file named CHKDSKResults.txt will be created on your desktop, copy paste or attach to your reply....

Next,

Select the Windows key + X key together, from the list select elevated command.exe. At the prompt copy and paste the following, then hit enter:

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt

A file named sfcdetails.txt will be saved to the desktop, copy and paste or attach to your reply.....

Next,

Please download VEW by Vino Rosso  from HERE and save it to your Desktop.

  • Double-click VEW.exe. to start, Vista and Windows 7/8 users Right Click and select "Run as Administrator"
  • Under 'Select log to query...check the boxes for both Application and System.
  • Under 'Select type to list... select both Error and Critical.
  • Click the radio button for 'Number of events...Type 10 in the 1 to 20 box.
  • Then click the Run button.
  • Notepad will open with the output log. It will take a couple of minutes to generate the log, please be patient.

Please post the Output log in your next reply.

Let me see those logs in your next reply...

Kevin

Offline Kat540

  • Bronze Member
  • Posts: 54
I was able to find the windows repair CHKDSK log I didn't you wanted that one as well. There wasn't one in there for the SFC scan though. When I pressed Windows key + X elevated command.exe didn't show up in the list only command prompt and command prompt (Admin). I did do the scan and it did show there were errors with some files, I think it fixed them

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Hello Kat540,

Yes made error about finding elevated command prompt, got it right this time...

Thanks for the update and logs. I do not believe we are dealing with malware/infection, all recent logs do not incate any malicious entries.

There does appear to be some problems with OS file system as per the chkdsk log as quoted below

Quote
Usn Journal verification completed.
The Volume Bitmap is incorrect.
Windows has checked the file system and found problems.
Please run chkdsk /scan to find the problems and queue them for repair.

I`d like you to run chkdsk once more, this time I want you to add the /r switch to find and fix errors.....

Go to this link: http://www.eightforums.com/tutorials/6221-chkdsk-check-drive-errors-windows-8-a.html Scroll to and use instructions from "Option 2"
Use those instructions, make sure to use the /r switch command, chkdsk /r note the space between chkdsk and /r.

When that completes use the instructions in reply #27 to locate and post the chkdsk log.

Next,

Select Windows key and X key together, from the list select command prompt (admin) at the command prompt type or copy and paste sfc /scannow > then tap enter. When finished type exit Tap enter, re-boot your PC.

***Note the space between sfc and /scannow.

To get report, at command promt type or copy and paste:

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt 

Both of those logs will save to the Desktop, post them in your reply. When those scans are finished re-boot and see if there are any improvements....

Next,

After the re-boot and testing to see if any improvement run the following:

Please download VEW by Vino Rosso  from HERE and save it to your Desktop.
  • Double-click VEW.exe. to start, Vista and Windows 7/8 users Right Click and select "Run as Administrator"
  • Under 'Select log to query...check the boxes for both Application and System.
  • Under 'Select type to list... select both Error and Critical.
  • Click the radio button for 'Number of events...Type 10 in the 1 to 20 box.
  • Then click the Run button.
  • Notepad will open with the output log. It will take a couple of minutes to generate the log, please be patient.

Please post the Output log in your next reply.

Let me know if there is any improvement, also post the three requested logs.....

Thanks,

Kevin.....

« Last Edit: April 07, 2015, 03:17:09 AM by kevinf80 »