Author Topic: Avast keepts getting turned off by something  (Read 5250 times)

Offline rickjames8

  • Newbie
  • *
  • Posts: 9
    • Personal Message (Offline)
Avast keepts getting turned off by something
« on: October 25, 2011, 03:46:03 PM »
Hello,

I've been a happy Avast user for years without issue.   The other night my avast was turned off by something, and it will not allow me to restart.   In the summary tab, it just says "Unsecured" with a red X.  When I click "FIX NOW", it says "The following components could not be started:  Mail Shield, IM Shield, P2P Shield, File System Shield, Web Shield, Script Shield, Behavior Shield, Network Shield".   If I click the link that says "Start program", it has no response at all. 

I uninstalled Avast in safe mode using the Avast uninstaller as mentioned by another post on this forum.  I then downloaded the latest Avast and re-installed.  Avast worked properly for 5 minutes and then stopped and shows the same symptoms listed above. 

I uninstalled-reinstalled and tried to run a full system check, but after 35 hours, it still says 0% checked, and once again Avast has been turned off.

I am running Windows 7 and using Firefox.

I also seem to have an issue with Firefox where all my google search results direct me to a page called "CC Search".   Not sure if that is a related symptom, or if its a virus I got because my Avast was down.

It feels like I have some sort of virus which is designed to attack Avast and make it turn off.   Is that possible?

-Rick

Offline rickjames8

  • Newbie
  • *
  • Posts: 9
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #1 on: October 25, 2011, 03:52:40 PM »
Also, I am running the Windows firewall, but no other security software.  The set up I have currently is how my Avast was running for quite some time. 

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21649
  • Gender: Male
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #2 on: October 25, 2011, 03:54:52 PM »
have you run a quick scan with a updated Malwarebytes for a second opinion ?
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline iYogisolutions1

  • Sr. Member
  • ****
  • Posts: 286
  • Great Tech Support. Good Karma
    • iYogi Tech Support.
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #3 on: October 25, 2011, 04:04:06 PM »
Hi,

 Can you try to visit some of the common websites like yahoo.com, espn.com ot nasa.gov and please update us with the results. This is just to make sure that whether your browzser is being hijacked or not.

Have a wonderful day.. Good Karma!
Have a wonderful day. Good Karma! :)

Merry Christmas and a Happy New Year!!

Offline rickjames8

  • Newbie
  • *
  • Posts: 9
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #4 on: October 25, 2011, 04:31:56 PM »
Browzer works fine.   Any site I try to visit directly will work.   However, if I google 'antivirus', and google gives me a page of 10 results, if I click on any of those 10 results (lets say one is www.avast.com), it will take me to a page called "CC Search" where it lists THEIR results for my original search of 'antivirus' in hopes that I'll click the links and they'll get the pay-per-click ad revenue.  However, the address in the nav bar would still read 'www.avast.com', so by highlighting and clicking it will take me to the site I originally intended to go to.   So I can still use FF, but with a work-around.

I am not familiar with malwarebytes.  I will try that and post results.

Offline rickjames8

  • Newbie
  • *
  • Posts: 9
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #5 on: October 25, 2011, 04:41:43 PM »
Downloaded and ran Malwarebytes and it seems to have a similar response to Avast.  It installed fine and began to run a check and then shut down after 0:00:04.  When I try to re-start it from the start menu, it says: "Windows cannot access the specified device, path or file.".    However, I still see it in my systems tray with checkboxes checked for "Enable protection, Website Blocking and Start with Windows", but I can not bring up any sort of control panel by clicking on the icon.   When I try to select "Start Scanner", it does nothing.   No reaction. 

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21649
  • Gender: Male
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #6 on: October 25, 2011, 04:45:52 PM »
follow the guide here and attach the logs  http://forum.avast.com/index.php?topic=53253.0

essexboy will then have a look when he arrive in a few hours....i will notifie him
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline iYogisolutions1

  • Sr. Member
  • ****
  • Posts: 286
  • Great Tech Support. Good Karma
    • iYogi Tech Support.
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #7 on: October 25, 2011, 05:00:26 PM »
Hi,

  This seems to be a rootkit infection in the computer.

   We need a few more info regarding the infection. So can you open the Task Manager by pressing Ctrl+Alt+Delete buttons and go for Process tab. Please check for an entry with
"random set of numbers":"random set of numbers" for example "456896:45689512xxxxx". And please update us back.

Have a wonderful day. Good Karma! 
Have a wonderful day. Good Karma! :)

Merry Christmas and a Happy New Year!!

Offline rickjames8

  • Newbie
  • *
  • Posts: 9
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #8 on: October 25, 2011, 05:23:01 PM »
No numbers-named process running.  All processes can be identified.

Offline rickjames8

  • Newbie
  • *
  • Posts: 9
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #9 on: October 25, 2011, 05:24:43 PM »
Attached is the OTL text file in ANSI format as requested.

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21649
  • Gender: Male
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #10 on: October 25, 2011, 05:26:59 PM »
and aswMBR log if you can  ;)
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline rickjames8

  • Newbie
  • *
  • Posts: 9
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #11 on: October 25, 2011, 05:43:11 PM »
OK, I downloaded aswMBR and clicked scan.   It showed some activity for 5-10 seconds and then shut down.   When I tried to restart, it said "Windows cannot access the specified device, path or file".    Then it asked me which program I'd like to use to open aswMBR.

So I downloaded a second copy "aswMBR(1)" and had the same effect.

Do you need the extras.txt log from the OLT scan?


Offline rickjames8

  • Newbie
  • *
  • Posts: 9
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #12 on: October 25, 2011, 05:45:04 PM »
Thank you all so much for your help. 

I will be away from my computer for the next 6 hours or so.  I'll check back in tonight.

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21649
  • Gender: Male
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #13 on: October 25, 2011, 05:47:55 PM »
Quote
Do you need the extras.txt log from the OLT scan?
if you have it, then attach it

essexboy is on UK time and usually logs out around midnight..
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 28931
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: Avast keepts getting turned off by something
« Reply #14 on: October 25, 2011, 06:45:09 PM »
Hi it is the zero access rootkit

Please follow these steps carefully

When you download Combofix save the file as svchost on your c drive root i.e. C:\svchost

Download and Install Combofix
 
Download ComboFix from one of the following locations:
Link 1
Link 2
 
VERY IMPORTANT !!! Save ComboFix.exe to your C Drive as Svchost
 
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks




  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.[/b]
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now