Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: hal7 on January 20, 2013, 07:35:28 PM
-
Hey there,
I had avast free. For some reason it stopped working so I want to uninstall it and install avast again, but I am busy with this process about 2 hours :S I am about to freak out!
I have downloaded aswclear.exe and tried to work it in safe mode! i am in safe mode now! but it still says disable self protection mode or go in safe mode which is the thing I am doing now but both don't work! I have downloaded another program to delete avast, it doesn't work anyway!
I have used avast about 6-7 years and never got problem till now but this one is really annoying! can anyone please help me?
-
Are you really sure you are in safe mode as avast doesn't run in safe mode, so there would be no self-defence module running either ?
What happened when you tried to uninstall from the regular windows add remove programs/programs and features ?
-
On my screen it writes safe mode just above Windows start button.
I opened my laptop and It wrote your pc is not safe... so I checked and saw that avast wasn't working.. I tried to update, fix and start avast.. none of them worked. After i searched online a bit I decided to uninstall avast and again install.. then it all began! I got error.. I don't remember it good but sort of "uninstalling process couldn't be completed" or something.. then i tried all the thing I wrote above. Still same result...I can't install it I can't delete it...
-
On my screen it writes safe mode just above Windows start button.
I opened my laptop and It wrote your pc is not safe... so I checked and saw that avast wasn't working.. I tried to update, fix and start avast.. none of them worked. After i searched online a bit I decided to uninstall avast and again install.. then it all began! I got error.. I don't remember it good but sort of "uninstalling process couldn't be completed" or something.. then i tried all the thing I wrote above. Still same result...I can't install it I can't delete it...
I have to agree with DavidR as to whether you are actually getting into 'Safemode'.
What operating system are you running: XP, Vista,Win7 or Win8?
Thanks. :)
-
why is it so difficult anyway...? any solution?
windows vista
by the way while restarting i press f8 and i get lots of safe mode options does it matter which one i select? because if i select only safe mode one then my pc keeps restarting instead of opening in safe mode?
-
I suggest an installation from scratch:
1. Download the latest version of avast! Uninstall Utility (http://www.avast.com/eng/avast-uninstall-utility.html) and save it.
2. Download the latest avast! (http://www.avast.com/eng/programs.html) version and save it.
3. (Optional) If you want, save your avast! settings for later restoration (Settings > Maintenance > Back up).
4. Uninstall avast from Control Panel (if possible). If, for any reason, you can't run it, try booting in Safe Mode (http://www.pchell.com/support/safemode.shtml) and doing it from there. Anyway, boot after that.
5. Run the avast! Uninstall Utility saved on 1 in Safe Mode (http://www.pchell.com/support/safemode.shtml). Boot after you've run it. Repeat this for any major avast! version you have ever installed/upgraded in your computer.
6. Install avast! using the setup saved on 2. Boot.
7. Register your free copy or add the license key for Pro. Or even upgrade (http://www.avast.com/resend-license-paid.php) your key from old versions.
8. Check and post the results. If, for any reason, you did not solve, try doing the step 3 in Safe Mode anyway.
-
Hi Tech
Just about to instruct the same ;) :)
-
why is it so difficult anyway...? any solution?
windows vista
by the way while restarting i press f8 and i get lots of safe mode options does it matter which one i select? because if i select only safe mode one then my pc keeps restarting instead of opening in safe mode?
Mmmm. ???
You can chose "Safemode" or "Safemode with Networking" usually the top 2 choices.
-
See below for Vista Safe Mode choices:
why is it so difficult anyway...? any solution?
windows vista
by the way while restarting i press f8 and i get lots of safe mode options does it matter which one i select? because if i select only safe mode one then my pc keeps restarting instead of opening in safe mode?
-
Oke, what i did:
-restart
-f8 and i get safe mode list
-"like i tried before" click safe mode
-my pc restarts before loading windows "keeps restarting"
-eventually click on Directory Services Restore Mode
-Windows is loaded
-I see on the corners of screen safe mode and interface is totally different "I think I am in safe mode"
-aswclear.exe click
-error: The avast! self protection module is anabled. For this reason, the operation cannot be completed.
To complete the operation, either run this profram from Windows Safe Mode "I think I am in now", or disable the avast! selft protection (visa Settings -> Troubleshooting page).
-Because I think I am in safe mode I try to find Troublesooting page..
-Right Click on avast icon disable everything..
-still nothing....:S
-
I have just tried "Safemode with Networking" too. It keeps restarting... :S:S:S
Is there any other way to disable that self protection mode?
-
I have just tried "Safemode with Networking" too. It keeps restarting... :S:S:S
Is there any other way to disable that self protection mode?
Go into Avast 'Settings' then 'Troubleshooting' and UNCHECK "Enable Avast Self protect Module" as shown in Screenshot.
-
God! I thought I had it disabled but i see its still checked...however I am now trying to make it unchecked.. I can't uncheck it... this must be joke or sth...
Guys sorry I am taking your time but mine too...
-
God! I thought I had it disabled but i see its still checked...however I am now trying to make it unchecked.. I can't uncheck it... this must be joke or sth...
Guys sorry I am taking your time but mine too...
Well I'm not sure what to think.
I have not seen this issue before.
We'll have to wait and see if anyone else has run into this and what resloved it. :-\
You can't get into safemode
You can't disable/uncheck Avast self protection module
-
God! I thought I had it disabled but i see its still checked...however I am now trying to make it unchecked.. I can't uncheck it... this must be joke or sth...
Guys sorry I am taking your time but mine too...
Well I'm not sure what to think.
I have not seen this issue before.
We'll have to wait and see if anyone else has run into this and what resloved it. :-\
You can't get into safemode
You can't disable/uncheck Avast self protection module
can it be because of a virus maybe?If so what should i do?
-
I have passed this on to our Malware expert and we will see what he thinks once he's available.
Thanks for your patience. :)
-
thank you very much! I am happy with avast and if I(we) can solve this i would like to install avast again.. but is there any other reliable antivirus program I can use till I get this done! I need my computer every single day..
If I install an other program temporarily does it get more mixed up?
Thnx
-
thank you very much! I am happy with avast and if I(we) can solve this i would like to install avast again.. but is there any other reliable antivirus program I can use till I get this done! I need my computer every single day..
If I install an other program temporarily does it get more mixed up?
Thnx
Hi: If you can, "please wait until our Malware expert can review".
If you do have a malware/virus issue then further installations could/would also be affected.
It should not be long
-
thank you very much! I am happy with avast and if I(we) can solve this i would like to install avast again.. but is there any other reliable antivirus program I can use till I get this done! I need my computer every single day..
If I install an other program temporarily does it get more mixed up?
Thnx
Hi: If you can, "please wait until our Malware expert can review".
If you do have a malware/virus issue then further installations could/would also be affected.
It should not be long
I am waiting!
Thanks.
-
Could you confirm that you are unable to get into safe mode
Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your Desktop
Secondary link (http://www.itxassociates.com/OT-Tools/OTL.exe)
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
(https://dl.dropbox.com/u/73555776/OTL_Main_Tutorial.gif)
- Select All Users
- Under the Custom Scan box paste this in
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
/md5stop
CREATERESTOREPOINT
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Post both logs
THEN
Download aswMBR.exe (http://public.avast.com/~gmerek/aswMBR.exe) ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan
(http://i1224.photobucket.com/albums/ee362/Essexboy3/aswMBR%20shots/aswMBRScan.gif)
On completion of the scan click save log, save it to your desktop and post in your next reply
-
Hey!
I have downloaded OTL and ran as you said and I got one saved file : OTL.txt
I uploaded it as attachment
-
asMBR.txt:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-21 17:36:34
-----------------------------
17:36:34.030 OS Version: Windows 6.1.7601 Service Pack 1
17:36:34.030 Number of processors: 2 586 0xF0D
17:36:34.033 ComputerName: userrr UserName: username....
17:36:35.829 Initialize success
17:40:08.271 AVAST engine error: 2
17:40:10.890 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
17:40:10.893 Disk 0 Vendor: WDC_WD3200BPVT-22ZEST0 01.01A01 Size: 305245MB BusType: 11
17:40:10.911 Disk 0 MBR read successfully
17:40:10.914 Disk 0 MBR scan
17:40:10.917 Disk 0 Windows 7 default MBR code
17:40:10.921 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:40:10.929 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305143 MB offset 206848
17:40:10.936 Disk 0 scanning sectors +625139712
17:40:11.014 Disk 0 scanning C:\Windows\system32\drivers
17:40:17.534 Service scanning
17:40:32.161 Modules scanning
17:40:39.997 Disk 0 trace - called modules:
17:40:40.020 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys ndis.sys netw5v32.sys
17:40:40.028 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85ec5200]
17:40:40.035 3 CLASSPNP.SYS[8920459e] -> nt!IofCallDriver -> [0x85dcb918]
17:40:40.041 5 ACPI.sys[88eb63d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x85da4908]
17:40:40.048 Scan finished successfully
17:40:52.227 Disk 0 MBR has been saved successfully to "C:\Users\username..\Desktop\MBR.dat"
17:40:52.235 The log file has been saved successfully to "C:\Users\username...\Desktop\aswMBR.txt"
-
Avast appears to be working, what are your current problems ?
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
(https://dl.dropbox.com/u/73555776/OTL_Fix.GIF)
:OTL
IE - HKU\S-1-5-21-2472689237-2822399416-2604177735-1001\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.1.9
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_ss&mntrId=56ea03fc000000000000001e8c44646a&tlver=1.4.19.19&instlRef=sst&ss=1&affID=18042&q="
[2011.12.20 16:04:35 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\username..\AppData\Roaming\Mozilla\Firefox\Profiles\s804d0w7.default\extensions\ffxtlbr@babylon.com
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll File not found
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll File not found
O3 - HKU\S-1-5-21-2472689237-2822399416-2604177735-1001\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-2472689237-2822399416-2604177735-1001\..\Toolbar\WebBrowser: (no name) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - No CLSID value found.
O3 - HKU\S-1-5-21-2472689237-2822399416-2604177735-1001\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O4 - HKLM..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I File not found
:Files
C:\Program Files\BabylonToolbar
:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
-
after reboot i got results in notepad without scanning it again..
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2472689237-2822399416-2604177735-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
Prefs.js: ffxtlbr@babylon.com:1.1.9 removed from extensions.enabledAddons
Prefs.js: "http://search.babylon.com/?babsrc=SP_ss&mntrId=56ea03fc000000000000001e8c44646a&tlver=1.4.19.19&instlRef=sst&ss=1&affID=18042&q=" removed from keyword.URL
Folder C:\Users\username..\AppData\Roaming\Mozilla\Firefox\Profiles\s804d0w7.default\extensions\ffxtlbr@babylon.com\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2472689237-2822399416-2604177735-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_USERS\S-1-5-21-2472689237-2822399416-2604177735-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3E1201F4-1707-409F-BB45-A5F192381DA0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3E1201F4-1707-409F-BB45-A5F192381DA0}\ not found.
Registry value HKEY_USERS\S-1-5-21-2472689237-2822399416-2604177735-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BabylonToolbar deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\BabylonToolbar not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: haldun
->Temp folder emptied: 3171485523 bytes
->Temporary Internet Files folder emptied: 182294448 bytes
->Java cache emptied: 2648999 bytes
->FireFox cache emptied: 1118071679 bytes
->Google Chrome cache emptied: 346667351 bytes
->Apple Safari cache emptied: 158720 bytes
->Flash cache emptied: 2402 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 243346206 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 4.830,00 mb
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 01212013_203027
Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\TMP0000000165EF1089260C675F not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
do I have to quick scan again?
my current problem i can't do anything!! avast got a cross on the icon...G!
-
OK lets now run a stronger tool
Download and Install Combofix
Download ComboFix from one of the following locations:
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here (http://forums.whatthetech.com/How_Disable_your_Security_Programs_t96260.html&pid=494216#entry494216)
- Double click on ComboFix.exe & follow the prompts.
- Accept the disclaimer and allow to update if it asks
(http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png)
(http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png)
- When finished, it shall produce a log for you.
- Please include the C:\ComboFix.txt in your next reply.[/b]
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.
Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
-
I attached it
-
You should now be able to enter safe mode and run aswclear
-
It does not work! I am tired of it. I will try another antivirus program.
thnx!
-
Are you saying that Avast will not uninstall at all ?
-
Are you saying that Avast will not uninstall at all ?
I am saying that It's alright! you made a self protection mode to disable harmful programs to delete avast but now even you can't delete it and plus, I am tired of downloading tons of programs you offer me to download and try to clean avast.. Too much going on. It shouldn't be that difficult!
I have downloaded another antivirus program and by the time I am trying to get rid of avast without downloading any other program.
I appreciate your help! But i ain't no more time to waste trying to delete a program.
-
It does not work! I am tired of it. I will try another antivirus program.
thnx!
Hi Hal7:
It's unfortunate and quite confusing as to the issues you are having trying to uninstall your Avast product.
Essexboy is widely experienced at solving these kinds of issues and if you followed his instruction to the letter then all should be fine.
However as you have stated, you still seem unable to uninstall your Avast ???
The reality is, if you have not uninstalled Avast and you install another Anti Virus program you could/will end up with more problems then you appear to be experiencing at this point.
I would suggest you continue to work with Essexboy slowly and calmly until he can pinpoint just what the problem is.
Just a suggestion. ;) 8)
-
I did everything just as you guys said and i tried one more time! :(:(
But I need to use my computer!! So I thought I could use norton for a time.. I downloaded yesterday and now pc restarted itself after a blue screen.. and now norton antivirus program says "You disabled antivirus program...." There's a virus or someone playing with me or something what? I did everything what you told me to do what do I have to do...? I am not Happy..
-
We need to determine what the virus is first .. We can do a quick rootkit scan or we could use an AV scan outside of windows
Download the GMER Rootkit Scanner (http://www.gmer.net/). to your Desktop, it will be a randomly named .exe file .
Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.
Double-click the file you downloaded. The program will begin to run.
(https://dl.dropbox.com/u/73555776/GMER_Open.JPG)
**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised!
If possible rootkit activity is found, you will be asked if you would like to perform a full scan.- Click NO
- In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
- Now click the Scan button.
Once the scan is complete, you may receive another notice about rootkit activity.
- Click OK.
- GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
- Save it where you can easily find it, such as your desktop.
Post the contents of GMER.txt in your next reply.
-
I have done it. GMER.txt is attached.
-
I can see Norton on there but no sign of a rootkit or anything, definitely something unusual happening here
I will have a rummage around to see what I can find out
-
I was desperate so I downloaded norton:) I have really no idea what's going on! I hope you will be able to help me! ..
Thnx!
-
I will use a different AV to determine what the problem is.. The most important part is the analysis zip file. That cannot be posted on the forum so will need to be either put in dropbox or uploaded to a file sharing site
Download AVPTool from Here (http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/) to your desktop
Run the programme you have just downloaded to your desktop ( it will be randomly named )
First we will run a virus scan
On the first tab select all elements down to Computer and then select start scan
Once it has finished select report and post that.
(http://i1224.photobucket.com/albums/ee362/Essexboy3/AVPfront.gif)
(http://i1224.photobucket.com/albums/ee362/Essexboy3/avpsettings.gif)
Do not close AVPTool or it will self uninstall, if it does uninstall - - then just rerun the setup file on your desktop
Now an analysis scan
Select the Manual Disinfection tab
Press the Gather System Information button
Once done Open the last report saved folder then attach the zip file to your next post zip
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip
(http://i1224.photobucket.com/albums/ee362/Essexboy3/AVPAnalysis.gif)
-
But I got a not deleted avast, norton and now again another program.. I am concerned about my harddisk...
-
This programme will not install and it will ignore the other antivirus programmes
-
I ve selected the options you ve showed an scanning finish time: "in 6 hours" it says. What do you say?
-
You can skip direct to the analysis partition if you wish
-
It s attached I had to change it to log.txt
-
It is the HTML file that I require could you upload that please
-
Oke..
-
There is nothing in there that shows why Norton will not run and Avast not uninstall. I will have a hunt around for further information
-
Ow I read your post again.. Norton works! I didn't say that norton doesn't work..But yea avast doesn't uninstall!
-
OK I will run a manual install .. Could you run OTL please ensuring all users is selected
-
Here it is.
-
I see some files in transparent mode on my desktop. desktop.ini and some other just personal files... why?
-
They are hidden files which will be reset later
Run this fix from safe mode please
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
(https://dl.dropbox.com/u/73555776/OTL_Fix.GIF)
:OTL
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:07 | 000,055,128 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
[2013.01.24 21:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.01.24 17:13:57 | 000,100,352 | ---- | C] (GMER) -- C:\ufldipoc.sys
[2013.01.21 21:50:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.01.21 21:50:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.01.21 21:50:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.01.21 21:49:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.21 21:49:22 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.01.21 20:30:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.01.25 14:19:22 | 000,017,547 | ---- | M] () -- C:\Users\haldun\Desktop\avptool_sysinfo.zip
[2013.01.25 14:14:52 | 000,098,382 | ---- | M] () -- C:\Users\haldun\Desktop\avz_sysinfo.htm
[2013.01.25 14:20:00 | 000,098,382 | ---- | C] () -- C:\Users\haldun\Desktop\avz_sysinfo.htm
[2013.01.25 14:19:22 | 000,017,547 | ---- | C] () -- C:\Users\haldun\Desktop\avptool_sysinfo.zip
[2013.01.24 20:57:56 | 155,450,288 | ---- | C] () -- C:\Users\haldun\Desktop\setup_11.0.0.1245.x01_2013_01_24_21_48.exe
:Files
C:\Program Files\AVAST Software
:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.