Author Topic: Infected ? (FRST Logs Attached)  (Read 1710 times)


REDACTED

  • Guest
Infected ? (FRST Logs Attached)
« on: November 14, 2016, 03:11:42 PM »
I (my wife) has a Windows 7 PC (all MS Updates) & Avast latest.....MBAE, MBAM Pro, CryptoPrevent installed.
Last few weeks it seems to not logon to internet and reboot seems to solve....other PCs in house work fine thru network.
Avast scan is clean, MBAM scan clean, Adware scan clean, I run CCleaner too.

I attached FRST logs for experts to check to see if other issue/virus/mal shown ?

Thx !

REDACTED

  • Guest
Re: Infected ? (FRST Logs Attached)
« Reply #1 on: November 16, 2016, 05:16:20 PM »
Can someone look at?  Thx.

Offline dbrisendine

  • Malware Fighter
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1258
Re: Infected ? (FRST Logs Attached)
« Reply #2 on: November 16, 2016, 06:24:50 PM »
Checked the logs and don't see any malware but a few things caught my attention.

The IDE disk is being hit pretty hard; what is the Instant Restore Point and why does it make multiple points every time it runs?

Indexing is corrupt but this is most likely related to the above issue.
Win7 x32 Ult. SP1, Brain 2.0 / Win10 x64, Brain2.5
My help is always free but if you would like to help encourage me or show your thanks -----> DONATE

REDACTED

  • Guest
Re: Infected ? (FRST Logs Attached)
« Reply #3 on: November 17, 2016, 02:39:18 PM »
> Checked the logs and don't see any malware but a few things caught my attention.
>
> The IDE disk is being hit pretty hard; what is the Instant Restore Point and why does it make multiple points every time it runs?
>
> Indexing is corrupt but this is most likely related to the above issue.

The restore points are created once a day......but they also create on a reboot.
I think the multiple ones are on the reboots from Windows Updates.

I turn Indexing off on W7 PCs.....takes too much resource for what it provides.....would rather the search take a little longer and not have all the background thrashing on Indexing in its default mode.

Searchscopes in OK item ?

Also, the "HKLM Group Policy restriction" is from CryptoPrevent implementation.

I also noticed the HDD/IDE errors are at 5am every day only...which is when Avast does its scan.
I only have system HDD but also plugged in USB SanDisk stick.....which I copy things off to.
I've changed Avast daily scan from "All Drives" to "System Drive" and see if that makes difference.
I think Port 0 would be the system drive but not sure why I would get this error when Avast scan runs only...ideas ?
« Last Edit: November 17, 2016, 02:52:48 PM by thekochs »

Offline dbrisendine

Re: Infected ? (FRST Logs Attached)
« Reply #4 on: November 18, 2016, 08:37:02 AM »
Avast may be using direct or raw disk access for its scanning; one of the Avast experts will have to answer that question.  It may also answer the issue of the blocked file error (cannot access due to open in other process) which seems to be of a web type (WebCache log file).

IDE error indicates a possible hardware failure; disk drive could be failing.