Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: a_vast on October 14, 2013, 11:18:01 PM
-
Hi,
I had something suspicious on my computer. Malwarebytes found it and I deleted it. A full Avast scan was then done and gave the all clear. But the computer was still freezing, so I went into Safe Mode Networking and tried to update the Avast Engine / Programme versions. But Avast would not update :(
Is this correct please, will Avast not update in Safe Mode Networking? Malwarebytes will do though.
Thanks,
AV
-
AFAIK, Malwarebytes does not install a driver or depend on any other Windows services, so it can indeed update and run in Safe Mode.
Avast like all anti-virus programs, can only run it's real time protection driver in Normal mode.
You can probably use the manual VPS update from here: http://www.avast.com/download-update (http://www.avast.com/download-update)
Perhaps somebody more important can confirm this?
-
Avast by default doesn't run in safe mode.
So if you go into safe mode, you would have to manually start avast (avast! desktop shortcut or Start, All Programs, avast!), did you do that ?
Then you could try a manual virus definitions update (program update isn't something I would consider), did you try that ?
If so what errors did you get ?
The download and install of the manual download of the complete virus definitions update (from the link given), should also work, but that is approximately 103mb download. This could take some time and you may be vulnerable on-line for that time if you have a slow connection, you could download it using another computer and transfer using a USB/CD/DVD.
-
Many thanks,
That is helpful. I am away from the desktop just now but will resume shortly. When I open Avast in Safe Network Mode there is that row of little icons showing all the Avast functions. Normally they are all green but in Safe Network they each have a red line under them, meaning that they are disabled.
AV
-
I have downloded AVAST Software Setup Engine and saved at Desktop to another computer. Will I burn this download to disc please?
Would I then insert the disc into the problem computer in Safe Mode, then run it from the disc?
Thanks,
AV
-
The file can be copied to the system and run (double click) it from normal mode.
-
Negative, the affected computer boots normally then freezes, eventually the hour glass appears over whatever you ask to open. It only runs in Safe Mode.
Can I run the download from the cd in Safe Mode please?
-
Avast doesn't run from safe mode, so I don't know if when you try to run this vps update nothing will happen as avast isn't running to recognise it. You can try to start avast in safe mode, if it starts then you can try to run the vps update file.
-
:o getting scared. Am positive have run Avast in Safe Mode before. When you open Avast in SM, Avast has a :-| smiley face and a title saying 'Resolve Issues' or something?
-
As I said if you are able to start it in safe mode then try and run the update from safe mode.
That said if you can't run your system in normal mode, that really is something that you should be trying to resolve.
-
...if you can't run your system in normal mode, that really is something that you should be trying to resolve.
Many thanks, & hence my thread.
AV
-
Yes, but the title is misleading, as it is more about not being able to get avast updates from safe mode. Rather than emphasising the greater problem problem of not being able to boot into normal mode. In all honesty even if you manage to install the virus definitions update I don't believe that will resolve the greater problem.
If you are able to post the contents of the mbam scan log it might help us, if what has been removed is crucial or even a false positive.
So this will probably require specialist help by one of the malware removal specialists. It is almost 1am in the UK and a little later in Europe, so many of the volunteer specialists will be in bed.
-
Thank you. My computer almost certainly has an infection which has disabled it. Any help and / or advice more than welcome please.
Best regards,
AV
-
What os (service packs) do you have?
What exact version of avast?
Are you getting a error or something when trying to boot in normal mode?
Have you waited e.g. 30 minutes when trying to boot in normal mode? (it can take a while before a error appears)
And please follow these instructions (if possible): http://forum.avast.com/index.php?topic=53253.0 (http://forum.avast.com/index.php?topic=53253.0)
-
Thanks David and Eddy,
Pretty sure I am running Avast Pro on that 2core, but it's bundled up now, will resume work on it in a couple of days.
The 2core boots normally but then slowly starts to freeze from that moment on, with everything you point to with the cursor yielding the hourglass icon, so you never get past the desktop. Eventually everything freezes, no mouse control or anything. In Safe Mode there is full control of whatever is enabled in SM.
Just had a thought, if all else fails (I now have that Avast download burned to CD) could I not remove the 2core 'C' drive, place it in an external casing, then run it - as an external drive - with a full Avast scan from a healthy computer please?
Thanks again,
AV
-
Update: I loaded the cd to the 2core and opened the Avast file which copied over successfully. I have now commenced a full virus scan in Safe Mode.
Another thought - would it also be possible to load (usb key) the latest MBAM file to the 2core please - and if so, where would I download it?
Anything else I can copy to the 2core while it is isolated from the Internet?
Thanks,
AV
-
Update: negative.
It's AvastPro btw.
Did a full Avast scan in Safe Mode which gave 'No Threat Found'. I then selected Boot Scan at startup, and did a restart. But no boot scan happened. Same old thing - computer boots up as normal, cursor works until it passes down to the lower margin (where the Windows button is) then you get the hourglass.
Then when you try to click on a desktop icon the cursor turns into the hourglass again, and that's it, system freeze :( The processor led light still flickers now and then, so something is going on somewhere, no idea what though.
It must be diagnostic that the boot scan is prevented in normal mode - any ideas please?
Will also investigate that earlier link.
Thanks,
AV
ps. might a system restore help here?
-
Update:
The 2core is without Internet connectivity at the moment and I can't fit a dongle to it. The wireless connector Belkin USB N150 apparently has driver issues, to add to my woes. Not that fitting anything to the 2core would have much effect in normal mode at the moment.
I downloaded the latest ADWcleaner to a usb key and ran it on the 2core. After the scan and clean I clicked on the log but it opened Adobe Reader which couldn't open the text file. I have noticed Reader opening since I have had this issue, it is obviously linked to what is going on.
After running ADWcleaner I attempted an Avast scan in normal mode which froze after about 2 seconds.
What about saving other diagnostic or anti-virus/malware programs to usb key and running them, is that also possible please?
Thanks,
AV
-
Dear Avast forum,
Please find attached MBAM log which opened in txt.
Comments appreciated.
AV
-
Since there is nothing (detections) on the mbam log it isn't going to be much help. Not to mention you haven't updated the database for some considerable time (Database version: v2012.12.14.11), security based programs must be kept up to date or they aren't effective.
Your version of mbam is also out of date Malwarebytes Anti-Malware (PRO) 1.70.0.1100 when the latest is Malwarebytes Anti-Malware (PRO) 1.75.0.1300.
Since you have the Pro version, you should have it do auto updates, this keeps the program and definitions up to date. You should also consider enabling the protection.
####
You need to open the Start Scanner and check the Logs tab and look for the log where you actually detected something which you deleted (it should be in the Quarantine), ending up with the problem in booting. Posting the contents of that log will help, as it would give an idea if what was deleted was crucial and could have messed up the normal boot function.
-
Hi there lets see if we can locate the problem for you
First we will try a clean boot and see if that eases the problem, if it does we will continue from there
In the search box type Msconfig and select the programme that appears at the top
1.In the System Configuration Utility dialog box, click Selective Startup on the General tab.
(https://dl.dropboxusercontent.com/u/73555776/Cleanboot1.JPG)
2.Click to clear the Load Startup Items check box.
NoteThe Use Original Boot.ini check box is unavailable.
3.Click the Services tab.
4.Click to select the Hide All Microsoft Services check box.
(https://dl.dropboxusercontent.com/u/73555776/cleanboot2.JPG)
5.Click Disable All, and then click OK.
6.When you are prompted, click Restart.
Is the computer behaving normally now ?
-
Hi there lets see if we can locate the problem for you
First we will try a clean boot and see if that eases the problem, if it does we will continue from there
In the search box type Msconfig and select the programme that appears at the top
1.In the System Configuration Utility dialog box, click Selective Startup on the General tab.
2.Click to clear the Load Startup Items check box.
NoteThe Use Original Boot.ini check box is unavailable.
3.Click the Services tab.
4.Click to select the Hide All Microsoft Services check box.
5.Click Disable All, and then click OK.
6.When you are prompted, click Restart.
Is the computer behaving normally now ?
Cool.
The computer has been running in normal mode for 10 minutes, that's about 9 minutes 58 seconds longer than it's been running - normal mode - for a week. It went straight into full scan and has been scanning for 10 minutes but the percent is still at 0%. Nevertheless, the computer is running and the processor is functioning, I have the Task Manager window on, to see what is going on, not that it tells me a great deal. But so far so good :)
-
...Your version of mbam is also out of date Malwarebytes Anti-Malware (PRO) 1.70.0.1100 when the latest is Malwarebytes Anti-Malware (PRO) 1.75.0.1300...
Many thanks, I'm doing the best I can: the computer has no Internet connection since the Belkin dongle N150 let me down, and a replacement dongle is proably many days away, so I can't easily update any of these programmes.
AV
-
OK now comes the boring bit
Go into Msconfig again and re-enable half of the services.
Reboot
Is it still running normally ?
If yes then enable half of the remaining services and repeat etc. etc. until we can determine which service is causing the problem
-
ok will do 8)
but first here is a snap of the scan in progress - over 10 mins & still 0%?
(http://i124.photobucket.com/albums/p32/r_i_c_2007/avastscan531_zps70ac9d4c.jpg)
Oops, wait up - that timer makes no sense to me! :o I do believe that scan has crashed?
-
So the answer is no at the moment - the 2core's not running normally in normal mode. It hasn't crashed but the Avast scan has been (?) disabled. MBAM still functions okay even though it cannot be updated at the moment. I always manually updated MBAM daily. What the Avast subscription message means is a mystery to me. I paid for a full subscription 'Pro' about a year ago, is there a window somewhere showing my subscriptions and payments please?
However - the odd computer bahaviour is more important at the moment - what is disabling Avast?
Thanks,
AV
-
That appears to be V8 am I correct ?
-
That appears to be V8 am I correct ?
Yes, it's v8.
-
Are you prepared to try V9, if so you will need to do a clean install
-
Are you prepared to try V9, if so you will need to do a clean install
You mean Version 9? That's going to have to wait till I can hook up to the Internet?
Meanwhile I tried to get Avast to custom scan C: drive and got the following message with a white 'x' in a red circle: "Unable To Start Scan - There are no more endpoints available from the endpoint mapper. OK."
Just added that in case it throws any more light on things?
Btw, still the option of removing the C: drive and placing it in an external enclosure, then flushing it through with a current Avast + Malwarbytes from a healthy laptop? Just a thought ???
-
Just plugged a RogueKiller version into the 2core (attached log)
-
Are you prepared to try V9, if so you will need to do a clean install
You mean Version 9? That's going to have to wait till I can hook up to the Internet?
Can I download a clean install to cd then run that in the 2core please?
AV
-
URGENT PLEASE!! :o
Now have stricken computer online updating/scanning with MBAM but Avast cannot update - now in Normal Running Mode!!!
Help please - I have no anti-virus - urgent help please!!!!
-
When you say avast can't update, we need to know why, e.g. what errors were displayed, etc. That gives us a clue as to what to suggest.
The fact that avast can't update doesn't mean you have no antivirus.
Is the avast tray icon present and occasionally do you see it rotate (indicates it is scanning), are there any other signs over the icon like an ! or an X ?
Check the task manager are the avastSvc.exe and avastui.exe shown ?
-
Since you are not exactly providing details, I suggest you do a clean install of the OS or when it has the option "restore to factory defaults".
-
Thanks, I already posted - Reply #29 on: Yesterday at 10:37:02 PM - the white 'x' in a red circle pop-up which indicated no anti-virus, but I received no comment. That was exactly what I got just now. In desperation, I have just downloaded the free version, and it is now doing a full virus scan, so my system is secure; I now also have the latest MBAM in place.
Gosh. This is the first time my 2core has run on normal mode for over a week now, and I still don't know what the problem was?
Fingers crossed.
Am darn sure my pro subscription is still running but I have never been able to make any sense of Avast subscriptions - payments, dates, time remaining - a lot of the subscription time periods I see seem to make no sense. Please advise.
Thanks,
AV
-
Are you still running in clean boot mode.. If so we can try to determine which service is causing the problem
-
Are you still running in clean boot mode.. If so we can try to determine which service is causing the problem
Thanks, 2core now running in normal mode - am typing this on it - [dongle arrived] - for the first time in a week! :) Latest MBAM attached.
-
OK that was a bit of adware, lets see what else is hiding
Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your Desktop
Secondary link (http://www.itxassociates.com/OT-Tools/OTL.exe)
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
(https://dl.dropboxusercontent.com/u/73555776/OTL_Main_Tutorial.gif)
- Select All Users
- Select LOP and Purity
- Under the Custom Scan box paste this in
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
c:\program files (x86)\Google\Desktop
c:\program files\Google\Desktop
dir "%systemdrive%\*" /S /A:L /C
CREATERESTOREPOINT
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Attach both logs
-
Thanks, will do: just scanning an external drive at the moment to make sure nothing's lurking there :-o
-
OK that was a bit of adware, lets see what else is hiding
Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your Desktop
Secondary link (http://www.itxassociates.com/OT-Tools/OTL.exe)
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Select All Users
- Select LOP and Purity
- Under the Custom Scan box paste this in
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
c:\program files (x86)\Google\Desktop
c:\program files\Google\Desktop
dir "%systemdrive%\*" /S /A:L /C
CREATERESTOREPOINT
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Attach both logs
OK thanks done - but there was only one text file (attached) 8)
-
found the other file - i think? No, the Extras.Txt. does not seem to be on my computer anywhere?
-
On completion can you let me know what the problems are
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
(https://dl.dropbox.com/u/73555776/OTL_Fix.GIF)
:Commands
[CREATERESTOREPOINT]
:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- M:\Downloads\WinFlash.sys -- (WINFLASH)
IE - HKLM\..\SearchScopes\{040FE35B-78CC-BC61-C115-3FCE16B1888B}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1QzutDtDtC0A0AtDyD0AtCzy0EyE0AyCyDyCtN0D0Tzu0CyCtDzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=257599825&ir=
IE - HKLM\..\SearchScopes\{1DD4E3E6-63C6-CF1A-ED15-09C14344333B}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1QzutDtDtC0A0AtDyD0AtCzy0EyE0AyCyDyCtN0D0Tzu0CyCtDzytN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=718354783&ir=
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
:Commands
[resethosts]
[emptytemp]
[Reboot]- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN
Please download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.
- Right-mouse click JRT.exe and select "Run as Administrator" the tool will open and start scanning your system
- please be patient as this can take a while to complete depending on your system's specifications
- On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
- post the contents of JRT.txt into your next message.
-
woah, one at a time please ;)
i think OTL found a couple of things?
-
Ran Junkware Removal with thanks :)
-
What are your current problems ?
-
What are your current problems ?
Thanks, I think I'm in the clear. Roadworks just bit into a BT junction box 400 yards from my gaff, so I've been without a phone line + sporadic broadband since last Friday :-o but apart from that the computer seems to be behaving itself at the moment.
This is my workhorse so will upgrade from Free to Pro when the dust has settled, but Avast subscriptions have always foxed me - the bit where they send you a file you have to run is where it all unravels for me - why not just enable the antivirus download when you pay at the site, why the added hurdle or receiving an email + attachment? Never mind though.
Best thanks for your help [thumbs up!]
-
Back online. Lost track of this post due to the telephone line going down (not my fault) and being on the road almost every other day. The desktop seems to be okay now unless the gremlins are hiding away somewhere - I think I'm in the clear. Many thanks for your help.
I may reappear again and again (apologies) because I use the Internet A LOT and however careful I am, a full evening of surfing can catch you out. I do wish the repeated Safe Search plugins I plug in would stick, they seem to switch themselves on and off when they feel like it, or evaporate without trace :-o
But thanks again & to all! ;)
AV