Author Topic: compromised avast_one_essential_setup_online.exe  (Read 1139 times)

0 Members and 1 Guest are viewing this topic.

Offline p.novak

  • Newbie
  • *
  • Posts: 1
compromised avast_one_essential_setup_online.exe
« on: March 07, 2022, 04:03:32 AM »
Has anyone run into a compromised download of avast_one_essential_setup_online.exe??  If so, did you remedy it's effects? How?

My friend downloaded it onto his recently acquired laptop (from a deceased sister) along with other avast install downloads. He was having trouble getting it to install and asked me for help. I tried to install a download named just and had trouble, so I was just looking at his downloads directory, saw this "avast_one_essential_setup_online.exe" and without thinking (or investigating) ran it. It ran showing 100%, then seconds later started another process and one second in, bang, system crash. I have been unable to boot since.

I have since googled the name and found a reference on a site called "https://any.run/report" which I believe is a project out of sourceforge,  that reports malicious behavior of "removes files from windows directory". I believe that is my problem now, because I have reinstalled windows from recovery and it boots and runs fine. Also, the old uefi is fine, but once it points to c:windows to run - nothin!

If you recovered from this, what files did you have to put into your windows directory to enable boot?

Offline Asyn

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 76051
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: compromised avast_one_essential_setup_online.exe
« Reply #1 on: March 11, 2022, 02:59:03 PM »
Test the file at VT (https://www.virustotal.com) and post the link to the result here.
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline bob3160

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 48038
  • 63 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: compromised avast_one_essential_setup_online.exe
« Reply #2 on: March 12, 2022, 02:07:50 AM »
I'd suggest booting into Safe Mode. Check to see if there is a restore point prior to the time you ran
the Avast online setup file.
If there isn't any restore point, you might think about running the Avast removal tool in Safe Mode if you can get to Safe Mode.
https://www.avast.com/uninstall-utility#pc

Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet