Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: flyfsher on January 07, 2013, 06:39:42 PM
-
In the past I have used and been real happy with Avast free,that computer died and I picked up another XP system,it was loaded with the above and I was told by the shop it's one of the best so that is all I have been using,the first few days it detected a couple of viruses,I have the scan and update set to run every evening,it has detected nothing in about 5 months.
My questions ,If I add Avast is it compatible with Microsoft Security Essentials or should I disable or delete it.
I'm also having some issues with Silverlight/netflix/chrome
Best Victor
-
Having two resident anti-virus scanners installed is one too many and not recommended as rather than provide twice the protection it can cause conflicts that could leave you more vulnerable.
So yes you should remove MSE before installing avast.
-
As DavidR said You'll have to delete MSE before installing Avast, after removing MSE run a search in your system for Microsoft Antimalware and delete remnants.
Personally I don't even have Silverlight installed as I've only ever seen Microsoft sites that require it to view certain things so imo I would uninstall it unless you absolutely need it.
As for netfix or Chrome I use neither so others may be able to help you with them.
-
Thank you for the replies,should I also delete windows firewall ?
best Victor
-
Thank you for the replies,should I also delete windows firewall ?
best Victor
No, the Windows firewall plays fine with avast. :)
-
Avast is much better than MSSE. Avast has so many more useable features, it updates every 4 hours instead of once a day like MSSE, Avast has a lot more protection with the different shields and sandbox feature and Avast is easy to customize so you can set it how you need it.
One of the main advantages I see is that MSSE only alerts you after it finds a virus or malware. Avast stops the virus from getting on my computer in the first place. I did a ton of research before installing Avast and MSSE was consistently rated very low in nearly every single AntiVirus review and comparison. I really like how Avast will give me an error window and alert me that it blocked me from accessing a malicious web site.
I do not know about the firewall in XP. I use Windows 7 and also use the built in Windows firewall and it works fine with Avast.
Jimmy
-
thanks for all the replies and tips,guess i'm going back to Avast
-
Good to hear :)
-
Problem ! successfully down loaded,installed and registered during installation I noticed it did a quick scan with no issues,I tried a full scan and my system shut down to a black screen then reboot,checked a few sites,e-mail, connection speed, all ok tried a couple more times to do a full scan,same issue
-
Please follow the instructions in this thread http://forum.avast.com/index.php?topic=53253.0 and post all logs back here when completed for one of the malware specialists to look over.
essexboy has been notified.
-
I see it's not free,is there any other way to fix this problem I rarely if ever buy anything on line
-
I see it's not free,is there any other way to fix this problem I rarely if ever buy anything on line
What's not free ???, everything within that logs thread link is free
If your talking about Malwarebytes it is free for manual scans and updating which must be performed first before running a scan.
-
Oh My I'm sorry,I was able to install malwarebytes, ran the quick scan it found three items,and deleted them,I then tried another full Avast scan with same results,straight to reboot. as you can tell I'm no computer expert
-
I'd suggest for you to run the tools and post the logs so that they can be looked over as there is obviously something wrong within your system that needs investigating.
-
Just a guess - Is your computer overheating while running the scan?
-
Just a guess - Is your computer overheating while running the scan?
If Malwarebytes has found and deleted stuff then I'd say the system is infected.
-
Yoshi,no tower cool to the touch and no unusual noise
Craigb,when say run the tools are you refereeing to additional tools within Malwarebytes Anti malware and post the logs here
,thanks for all your help folks
-
Just a guess - Is your computer overheating while running the scan?
If Malwarebytes has found and deleted stuff then I'd say the system is infected.
Yeah, that's what I thought too, but generally when computers instantly shut down it's because of overheating.
/me unfortunately has experience
-
Craigb,when say run the tools are you refereeing to additional tools within Malwarebytes Anti malware and post the logs here
No don't use those additional tools in MBAM, run these tools for normal scans as there explained in the link and attach the logs with the " Attachments and other options " below where you write your posts, see pic
AdwCleaner
Malwarebytes
OTL
aswMBR
-
AdwCleaner v2.105 - Logfile created 01/08/2013 at 14:58:12
# Updated 08/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : user - CFK-AC3AF7CCCE7
# Boot Mode : Normal
# Running from : C:\Documents and Settings\user\My Documents\Downloads\adwcleaner (3).exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
Key Found : HKCU\Software\InstallCore
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
-\\ Google Chrome v23.0.1271.97
File : C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\user Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [895 octets] - [08/01/2013 14:56:40]
AdwCleaner[R2].txt - [827 octets] - [08/01/2013 14:58:12]
########## EOF - C:\AdwCleaner[R2].txt - [886 octets] ##########
-
Ran the OTL scan,about ten minutes then black/screen/reboot tried to post the log but it exceeds the size limit here
-
this is the part of the log
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{6ADD0603-16EF-400D-9F9E-486432835002}" = OpenOffice.org 3.2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D8320DD6-FE47-41DE-B116-4158B7AE3F37}" = ACDSee for PENTAX 2.0
"{E7DF4F40-A0CE-430E-8B3B-DB7C8DF1C1A2}" = ActivePerl 5.10.1 Build 1006
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"avast" = avast! Free Antivirus
"AVS DVD Player_is1" = AVS DVD Player version 2.4
"CCleaner" = CCleaner
"Free Easy Burner_is1" = Free Easy Burner V 3.8
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"RegScrubXP_is1" = RegScrubXP 3.25
"ST4UNST #1" = FlashCard
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12/25/2012 12:19:04 AM | Computer Name = CFK-AC3AF7CCCE7 | Source = Application Hang | ID = 1002
Description = Hanging application chrome.exe, version 23.0.1271.97, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 12/25/2012 12:38:53 AM | Computer Name = CFK-AC3AF7CCCE7 | Source = Application Hang | ID = 1002
Description = Hanging application chrome.exe, version 23.0.1271.97, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 12/28/2012 5:36:50 PM | Computer Name = CFK-AC3AF7CCCE7 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module shell32.dll, version 6.0.2900.6242, fault address 0x0002b2b4.
Error - 12/28/2012 5:37:02 PM | Computer Name = CFK-AC3AF7CCCE7 | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
[ System Events ]
Error - 1/1/2013 12:40:47 PM | Computer Name = CFK-AC3AF7CCCE7 | Source = DCOM | ID = 10010
Description = The server {5C65F4B0-3651-4514-B207-D10CB699B14B} did not register
with DCOM within the required timeout.
Error - 1/8/2013 12:52:46 PM | Computer Name = CFK-AC3AF7CCCE7 | Source = System Error | ID = 1003
Description = Error code 1000000a, parameter1 00000004, parameter2 00000002, parameter3
00000000, parameter4 804e7eed.
< End of report >
-
Logs need to be attached, not copy an pasted.
Each tool should create a log on your desktop, when placing your post here use the additional options link below your post and browse for the required logs on your desktop and attach.
Run what tools you can and after being viewed by one of the malware guys they'll instruct you further.
-
Good afternoon, please forgive my inexperience , I ran another OTL scan and it was completed I hope the attached file is correct
-
Look like you have had an infection
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
(https://dl.dropbox.com/u/73555776/OTL_Fix.GIF)
:OTL
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\RunOnceEx: [TITLE] Installing Stuff File not found
O4 - Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\wpa_activate.vbs ()
[2011/12/22 18:06:04 | 000,011,382 | -HS- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\v1ji23o1bs3pin
[2011/12/22 18:06:04 | 000,011,382 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\v1ji23o1bs3pin
:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN
Download and Install Combofix
Download ComboFix from one of the following locations:
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here (http://forums.whatthetech.com/How_Disable_your_Security_Programs_t96260.html&pid=494216#entry494216)
- Double click on ComboFix.exe & follow the prompts.
- Accept the disclaimer and allow to update if it asks
(http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png)
(http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png)
- When finished, it shall produce a log for you.
- Please include the C:\ComboFix.txt in your next reply.[/b]
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.
Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
-
OTL log,now I will continue with Combo fix
-
Combo Fix log attached,for some reason the log is missing in my documents ? combo fix found Rootkit.zero access seemed to take a long time but I hope it's gone ,I will run a full Avast scan later tonight to see if my problem is solved
Can't thank you folks enough
Best Victor
-
Could you attach the combofix log please, you appear to have forgotten it
-
see above pls, I hit "save as" when I opened my doc,s to attach it's not there I'm unable to run a quick Avast scan,same issue
-
The log should be at C:\combofix.txt
So avast is still unable to complete a full scan.. Does it just freeze ? If so what file does it freeze on
-
Found it Thanks, ATTACHED yes it does freeze,then reboots from above "combo fix found Rootkit.zero access"
-
What file does it say it is scanning when it freezes
-
Sorry,it happens real fast and I always miss the file name, I just completed a quick scan using Malwarebytes it worked fine and found nothing, I then did a full scan than ran for about 50 minutes then it froze/reboot
-
I wonder if that is an overheating problem
Download Speedfan (http://www.filehippo.com/download_speedfan/) and install it.
Once it's installed, run the program and post here the information it shows.
The information I want you to post is the stuff that is circled in the example picture I have attached.
If you are running on a vista machine, please go to where you installed the program and run the program as administrator.
(http://artellos.geekstogo.com/speedfan.png)
(this is a screenshot from a vista machine)
-
Someone here earlier had suggested heat as a problem,the tower is cool to the touch and no unusual noises , I'll give speedfan a go
-
Done,properties seem to be within limits very similar to your sample chart,all green checks ,the chart/specs does not allow cut and paste save as or allow me move it so I can post it here
-
Could you run a scan but exclude the users folder
Let me know if it completes a scan then
-
Which one Avast or Megabytes full or quick and how do I exclude user folders
-
Use Avast
-
crashed immediately,then crashed again , I'm really sorry taking all this time,btw what of the world are you,noticed the time difference it's 2:40 in Idaho
-
I am in darkest Cornwall (GMT)
OK what I would suggest now is a full uninstall of Avast then run aswClear then reinstall. If it happens again then there is a possible driver conflict within your system
-
Cornwall ,thks sure appreciate your help aswClear ??
-
https://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1062
-
I followed your link/instructions when I got to safe mode (yes) megabytes was there and I didn't notice it quick enough, CRASH ! (getting a little tired of this) so I deleted megabytes @ add / remove programs, I'll tackle this in the morning and report back thks again for all your help
-
Essexboy If your on today, I got a little lost on the uninstall,so I used add remove/programs and re-installed Avast and tried to do a quick scan with same crash results.I also noticed on the support menu there are a few other options for help or should I just eat less next month and replace this machine it's old like me
-
You need to run aswClear from safe mode to remove all traces of Avast prior to re-installation
Lets reinstall Avast
Download aswClear (http://files.avast.com/files/eng/aswclear.exe) to your Desktop.
Download the correct version of Avast
http://files.avast.com/iavs5x/avast_free_antivirus_setup.exe
http://files.avast.com/iavs5x/avast_pro_antivirus_setup.exe
http://files.avast.com/iavs5x/avast_internet_security_setup.exe
Disconnect from the net
Uninstall Avast via control panel
- Boot to Safe Mode.
- Restart the computer.
- As soon as BIOS is loaded begin tapping the F8 key until the Advanced Options menu appears.
- Use the arrow keys to select the Safe mode with Networking menu item
- Press Enter.
- Run aswClear
- In the Select Product to Uninstall dropdown choose the version of Avast that is on your system.
(https://dl.dropbox.com/u/73555776/aswclear.JPG)
- Press Uninstall
- Once complete reboot your system to Normal Mode
- Reinstall Avast
----------
-
Successfully removed from safe mode and re installed,haven't tried a scan yet
-
OK the proof of the pudding etc.. try a scan please. Quick scan initially
-
OK ! Immediate Crash
-
OK what we will do next is determine if there is a driver conflict
What we will do is run just windows files and services
Then add the other files/services one at a time to determine which is causing the problem
Step 1: Start the System Configuration Utility
1.Click Start, click Run, type msconfig, and then click OK.
2.The System Configuration Utility dialog box is displayed.
Step 2: Configure selective startup options
1.In the System Configuration Utility dialog box, click the General tab, and then click Selective Startup.
2.Click to clear the Process SYSTEM.INI File check box.
3.Click to clear the Process WIN.INI File check box.
4.Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked.
5.Click the Services tab.
6.Click to select the Hide All Microsoft Services check box.
7.Click Disable All, and then click OK.
8.When you are prompted, click Restart to restart the computer.
Step 3: Log on to Windows
1.If you are prompted, log on to Windows.
2.When you receive the following message, click to select the Don't show this message or launch the System Configuration Utility when Windows start check box, and then click OK.
You have used the System Configuration Utility to make changes to the way Windows starts.
The System Configuration Utility is currently in Diagnostic or Selective Startup mode, causing this message to be displayed and the utility to run every time Windows starts.
Now run a quick scan with Avast.. Does it crash
-
Wish I had a printer,may not try this today
-
Not a problem .. At your own pace
-
I haven't tried this last fix yet,I do have another question can I send you a private message ? I tried and it didn't work
-
Sent you a PM
-
pm sent
-
Got it
-
PM Sent