Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: webwiz on October 22, 2003, 07:39:50 PM
-
???Hi, I just installed Avast and everything was fine. Registration and email wizard all okay. Now when I restart my PC, the taskbar icons don't appear until I connect to the internet. :-\ ??? And when they do finally appear, if I launch the anti-virus program it shows Resident Protection as "Disabled".
I have tried setting to the Resident protection to standard and high but as soon as I close the antivirus module and reopen, it's set back to disabled? Is this how it's supposed to be?
I use a dial up connection, Windows ME, Avast ver 4.1.280, VPS file ver 0310-0 21.10.2003, I use Zone Alarm latest update, Outlook Express, and I have no other security software. There have been no error messages, and all the resident scanners are working, when I can check via the taskbar icons. :P I have also followed the instructions for dial up settings but the resident protection remains disabled.
If anyone could tell me whats wrong or reassure me it's all okay, that would be great.
Thanks
-
???..............when I restart my PC, the taskbar icons don't appear until I connect to the internet. :-\ ???
Webwiz,
I'll try to resolve this issue. Two things I would like you to do for me. Since I do not know your level of understanding, I provide some simple instructions:
Does Avast appear in the Startup?
1. Go to Start, Run...type Msconfig and enter.
2. Go to the tab Startup
3. Look in the list for ashMaisv, Avast-ashDisp, and Avast-ashserv.
Next, open up the Avast user interface and click anywhere on the interface to open up the menu. Go into Update (Connections).
Is the box checked next to "I only connect......."?
And when they do finally appear, if I launch the anti-virus program it shows Resident Protection as "Disabled
This is indicative of a failure of the OAP engine to start. It may require a compete uninstall and clean install. (We can cover this procedure if needed)
I have tried setting to the Resident protection to standard and high.....
This would have no effect since changing sensitivity only affects the files that Avast looks for during resident operation.
Is this how it's supposed to be?
Nope!
Let's start with the above. Besides, my fingers are tired. ;D
techie101
Technical..wherever you are....I'm sorry...I had to explain! ::)
-
Technical..wherever you are....I'm sorry...I had to explain! ::)
I'm here... Your explanations, besides long ;D, are quite good...
I'm surprised that your installation of avast! does not succeed...
You use a dial up connection, Windows ME, Avast ver 4.1.280, VPS file ver 0310-0 21.10.2003, I use Zone Alarm latest update, Outlook Express, and have no other security software...
Did you install - even in the past - another antivirus?
To help the fingers of techie... why don't you follow another way:
1. Download avast! 4.1.280
2. Desinstall your actual version of avast (Control Panel).
3. Boot
4. Use Avast Uninstall (http://www.avast.com/files/eng/avclear4.exe) for complete desinstallation.
5. Boot
6. Install the downloaded 4.1.280 and see what happened.
Wellcome to the foruns ;)
-
Hi Techie and Technical,
thanks for your prompt replies. :) I thought something may have been amiss.
Techie, To answer your questions;
Registry entries appearing in startup are as follows;(the reason I was confused) ???
avast! - Registry(Machine Run) - ashDisp.exe
ashMaisv - Registry(Machine Run) - ashmaisv.exe
avast! - Registry(Machine Service) - ashserv.exe
Yes, I had already checked the box I only connect via dial up, still checked.
Technical,
thanks I will attempt to uninstall and reinstall as advised. I had tried this prior to joining forums, but was unaware of avast uninstall utility at that time.
Prior to using Avast, I was using AVG. I did however clean my registry as well as I could prior to installing Avast. Prior to AVG I had Norton Antivirus 2002, but I found it caused instability. I have reformatted my hardisk though since using Norton AV, but not since AVG.
I will do as you advised and reply once I have completed it. :)
PS:-- prior to checking your replies I received a virus warning from avast. Winstart001.exe in my windows\system folder. ??? Although the resident protection was still showing disabled. However, the taskbar icons were visible as I had been connected to the internet and had not rebooted at the time. :P Sorry to add salt to the wounds. But it's quite possible this is correct, I have noticed strange things occuring for a few weeks.
Thanks again.
I will do reinstall now. ;D
-
PS:-- prior to checking your replies I received a virus warning from avast. Winstart001.exe in my windows\system folder. ??? Although the resident protection was still showing disabled.
Webwiz,
Wondering, did Avast's resident protection 'deal' with this file correctly... ie offer the options to move to chest/delete etc?.
Are you able to run the 'on access scanner'?.
-
Hi Walker,
Yes I received a warning and the options to deal with it, however nothing I tried worked, i.e. Chest, delete etc, and there was nothing recorded in the log at all? ??? :P The move to chest option came up with an error. :)
-
:'(Hi Technical/Techie,
unfortunately the unistall and reinstall did not solve the problem, and I followed your instructions exactly. It remains the same. I will download the program again in case my copy has been corrupted and try the procedure again.
Just to update you, when I checked msconfig 'startup' entries all three entries you mentioned existed. However, I also use a couple of process viewers, and they do not show ashDisp.exe as running. I tried to start the exe manually from the programs folder but was unable to do so.
I am presently without virus protection altogether so I will download again now and try once again. :P Maybe it's the winstart001.exe virus playing havoc with my system. I also noticed another EXPLORER.EXE file running in my process/task viewer which I suspect may be another virus :-\ Fortunately/unfortunately I have not had much experience with virus infections so far. I'm off to download fresh program and try again, will update again later.
Thanks for your help :)
-
webwiz, haven't you played with the RPC subsystem on your machine? Disabling/tampering RPC can have such consequences...
Vlk
-
And about winstart001.exe, if you still have it, please refer to this: http://boards.cexx.org/viewtopic.php?p=1630
Vlk
-
I also noticed another EXPLORER.EXE file running in my process/task viewer which I suspect may be another virus :-\
Little help: if your 'Folder Options' in Explorer are configurated to 'Start folders in a new proccess' (I'm trying to translate this into English), Explorer will appear more than one, I mean, each Explorer window will be shown as a different proccess...
-
webwiz, haven't you played with the RPC subsystem on your machine? Disabling/tampering RPC can have such consequences...
Vlk
??? ??? ??? ???aah! What do you mean "haven't you played with RPC Subsystem?
Resident Protection Control? No, I didn't play with anything.
But I think I will just delete avast and try something else >:(
-
And about winstart001.exe, if you still have it, please refer to this: http://boards.cexx.org/viewtopic.php?p=1630
Vlk
How would I know, I don't have any virus protection :P
-
RPC = Remote Procedure Call - a part of Windows system, responsible e.g. for the recent Blaster worm spread (due to a bug in there). Some people have disabled the RPC completely; but some programs rely on its availability.
-
I also noticed another EXPLORER.EXE file running in my process/task viewer which I suspect may be another virus :-\
Little help: if your 'Folder Options' in Explorer are configurated to 'Start folders in a new proccess' (I'm trying to translate this into English), Explorer will appear more than one, I mean, each Explorer window will be shown as a different proccess...
;)Thanks, I'll check that out.
-
RPC = Remote Procedure Call - a part of Windows system, responsible e.g. for the recent Blaster worm spread (due to a bug in there). Some people have disabled the RPC completely; but some programs rely on its availability.
Thanks Igor,
I now understand, although I did not have the Blaster worm, nor did I disable it deliberately........but is it possible the RPC is an executable called RPCSS.exe, becasue if it is, I did delete that program from my system 2 days ago as I thought it wasn't suppossed to be on my WinME system. (I thought it was only for WinNT) :-[
In actual fact, I did sucessfully recover this file today but currently have it in my windows folder. ::) I was going to ask if it could have caused the problem, but then dismissed the idea!! Please let me know if I have unwittingly caused this problem?
-
And about winstart001.exe, if you still have it, please refer to this: http://boards.cexx.org/viewtopic.php?p=1630
Vlk
Thanks for the info...
I have never seen this filename appear anywhere in my startup files ever...
the only time I have ever seen it was on avast's warning yesterday. I will do another search and see what I can find. :-[
-
Yes, I think that the file RPCSS.exe is really responsible for the RPC service on Windows 9x or ME. So, deleting it could cause the problem mentioned above.
You are right that the file is mislabeled (it's version info says "Windows NT operating system" - but this time, it should be there.
-
;D Hi everyone....
PROBLEM SOLVED.........IT WAS THE REMOTE PROCEDURE CALL SUBSYTEM FILE RPCSS.EXE WHICH I UNWITTINGLY DELETED 2 DAYS AGO. :-[ I CAN'T BELIEVE I COULD DO SOMETHING SO STUPID. I HAD KNOW IDEA AT ALL WHAT I HAD DONE, ALTHOUGH I SUSPECTED IT,EVEN THOUGH I KNEW NOTHING ABOUT THIS FILE OR WHAT IT WAS.
THANKS VLK FOR POINTING THIS OUT.
I SIMPLY EXTRACTED THE PROGRAM FROM MY CABS, AFTER STARTING IN SAFE MODE AND TADAAA! EVERYTHING IS WORKING FINE
THANKS FOR THE INPUT AND HELP EVERYONE ;D ;D
-
Yes, I think that the file RPCSS.exe is really responsible for the RPC service on Windows 9x or ME. So, deleting it could cause the problem mentioned above.
You are right that the file is mislabeled (it's version info says "Windows NT operating system" - but this time, it should be there.
;D YES YOU ARE CORRECT...THANK YOU FOR YOUR HELP IGOR.
IT IS MUCH APPRECIATED.
-
We are happy with you webwiz...
Thanking Vlk is the most common thing in these foruns...