Hello, everybody who has read my last posted messages. I´m technical and the first thing I want to say is that avast Help Support is the best of av companies. Specially acknowledgments to Jindrich Kubec who were vey patient with me.
I had a problem using DOS under XP using avast 4.0 Home edition and pieces of the Norton Sys-temWorks 2003 (except NAV).
The solution was manually editing two Registry keys (apparently corrupted by Norton Anti-Virus Removal Utility):
HKLM\SYSTEM\ControlSet001\Control\VirtualDeviceDrivers
HKLM\SYSTEM\ControlSet002\Control\VirtualDeviceDrivers
They have to be formatted as: string,0,string,0,string,0,...,0,0
But in my case it looks that some idiotic program (probably Symantec?) did:
string,0,0,string,0,string,0,0
You may try to export the key in the file, remove one zero from the first double zeros.
Be sure the strings end with double zeros.
Then import it back and reboot.
You should then see there the record for \<avast directory>\aswMonVd.dll
-------------------------
The whole history (read just if you have the same problems than I)
The symptoms were:
a) into a cmd window it was forbidden to use DOS programs (16-bits). The user just get the prompt after the command and nothing happens, e.g.:
C:\pkunzip -n *.zip {enter}
C:\
By the way, with the WinZip Command Line 1.1 Beta1 the same effect were noted. This application
is the command line version of WinZip 9.0 Beta (
www.winzip.com)
b) the cmd window just not ‘change’ its name with the command. In AutoIt 2.64 scripts (
www.hiddensoft.com) (the best macro maker for Windows, thanks to Jonathan Bennett). Sending a Run command to cmd windows (e.g.: Run, C:\\pkzip.exe -n *.zip or RunWait, %COMSPEC% /C copy c:\\*.zip a:\\,, hide), the cmd window remains with the title C:\Windows\System32\cmd.exe). The commands (programs) are not executed.
To solve the problem:
1. The first thing avast Help Support team thought was that the aswmonds.sys resident drive for DOS was not correctly registered in Windows. This is correct but, at that time, we don´t know the cause. We tried to edit the file C:\Windows\System32\Config.nt that looks like:
dos=high, umb
device=%SystemRoot%\system32\himem.sys
files=40
device=\<avast directory>\aswmonds.sys
If the user set the last line as a comment:
REM device=\<avast directory>\aswmonds.sys
The cmd window will work and DOS programs too (see letters a) and b) above). But, the DOS resident driver wouldn´t be loaded and the computer would not be completely protected against virus.
2. After this, we tried to find which program in my computer was responsible for this behavior. Obviously, we thought in Norton SystemWorks 2003 Suite. The NAV component was never in-stalled in this computer but, as everyone recommends, I use Norton Anti-Virus Removal Utility:
http://service1.symantec.com/SUPPORT/nav.nsf/949e46314f0916a0852565d00073bbfd/33497f6e8a319ece88256ace0076cc02/$FILE/Rnav2003.exe
3. Apparently, this program corrupted two Registry keys (see rnav_log.txt which is generated by the application):
HKLM\SYSTEM\ControlSet001\Control\VirtualDeviceDrivers
HKLM\SYSTEM\ControlSet002\Control\VirtualDeviceDrivers
It should have format: string,0,string,0,string,0,...,0,0
But in my case it looks that some idiotic program (probably Symantec?) did:
string,0,0,string,0,string,0,0
You may try to export the key in the file, remove one zero from the first double zeros.
Be sure the strings end with double zeros.
Then import it back and reboot.
You should then see there the record for aswmonvd.dll.
Just one record is enough (maybe you see more than one line like this:
Text: C:\Arquivos de programas\Avast\aswMonVd.dll
4. Other topics to see:
a) There must be aswMonVD.dll in your Avast directory.
b) If you did, don't forget to 'un-REM' the statement in config.nt (see To solve the problem, 1, above)
c) There must be the following records in the registry:
Key name: HKLM\SYSTEM\ControlSet001\Control\VirtualDeviceDrivers
Value name: VDD
Type: REG_MULTI_SZ
Type number: 00000007
Text: \<avast directory>\aswMonVd.dll
Key name: HKLM\SYSTEM\ControlSet002\Control\VirtualDeviceDrivers
Value name: VDD
Type: REG_MULTI_SZ
Type number: 00000007
Text: \<avast directory>\aswMonVd.dll
These records are automatilly generated by avast setup installation program. But, if you have any piece of Norton SystemWorks 2003 installed – remember that NAV is incompatible with avast – you probably may have to edit manually the Registry keys above (or, if the avast team found another way…)
d) Reboot. The avast must work after that and all other DOS programs.
