Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: kaposidd on August 20, 2010, 09:33:42 PM

Title: Avast 5 not updating & Firewall/AntiSpam not working
Post by: kaposidd on August 20, 2010, 09:33:42 PM

Hi Avast Team

I am helping a friend of mine with Avast who has Win XP,Avast 5.0.594 update current version 100712-0 with release date 7/12/2010 06:53:32.
Everytime I try to update it stucks at Downloading file: servers.def.vpx and then it gives "Error: Cannot connect to server"

Automatic updates also not working.

Steps that I have done:
1. Ran MBAM & removed infected files
2. Ran CCleaner & temp file cleaner
3. Scanned using Spyware Doctor & removed infected files.
4. Uninstalled(Add/remove) restarted & re-installed in normal mode.
5. Did try to repair avast during the process of uninstallation
6. Also tried update component during uninstalled
5. Uninstalled using aswClear5.exe in safe mode restarted in normal mode downloaded new file from avast site & installed.
After doing all the above steps I get the same error while trying to update virus definations Downloading file: servers.def.vpx and then it gives "Error: Cannot connect to server

It has gone more worse now Firewall & AntiSpam not working.

I am not able to attach screenshots, if you require it I can do that but you need to tell me how to do that.

Reason for the above problem along with the resolution would be highly appreciable.

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: Pondus on August 20, 2010, 09:45:57 PM

Follow this guide from Essexboy and post the log`s here
http://forum.avast.com/index.php?topic=53253.0


lower left corner: Additional Options > Attach ( OTL.Txt and Extras.Txt. and MBAM scan log )

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: kaposidd on August 20, 2010, 10:36:00 PM

Hi Pondus pls find the attached files.

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: essexboy on August 20, 2010, 10:47:22 PM

On completion of this run try the updates again

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  
  Quote

  :OTL
  IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
  IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
  IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
  IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
  IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
  IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
  IE - HKU\S-1-5-21-429705476-915702366-3214017248-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  IE - HKU\S-1-5-21-429705476-915702366-3214017248-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
  IE - HKU\S-1-5-21-429705476-915702366-3214017248-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
  O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  O3 - HKU\S-1-5-21-429705476-915702366-3214017248-1006\..\Toolbar\WebBrowser: (no name) - {1C56E97B-A95F-47B2-93C0-3FEED24479A7} - No CLSID value found.
  O3 - HKU\S-1-5-21-429705476-915702366-3214017248-1006\..\Toolbar\WebBrowser: (no name) - {6CD56C02-CB4D-41B5-A0FE-B479061CCB41} - No CLSID value found.
  O4 - HKLM..\RunServices: [0.5429704596585395] C:\DOCUME~1\Walt\LOCALS~1\Temp\0.5429704596585395.exe File not found
  O4 - HKLM..\RunServices: [pdfupd] c:\docume~1\walt\locals~1\temp\pdfupd.exe File not found
  O4 - HKLM..\RunServices: [QuickTimeRecursosQuickTime] C:\program files\quicktime\qtsystem\quicktimeinternetextras.resources\pt.lproj\recursosquicktimequicktime7.6.6.exe File not found
  O4 - HKLM..\RunServices: [update[2] c:\documents and settings\walt\local settings\temporary internet files\content.ie5\4ii4ix9y\update[2].exe File not found
  
  :Reg
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
  "8085:TCP"=-
  
  :Files
  ipconfig /flushdns /c
  
  :Commands
  [purity]
  [resethosts]
  [emptytemp]
  [EMPTYFLASH]
  [CREATERESTOREPOINT]
  [Reboot]

  
  
• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
  

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: kaposidd on August 20, 2010, 10:57:14 PM

Do I need to do just quick scan or do I need to enter the following as per your other post.

netsvcs
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%PROGRAMFILES%\Internet Explorer\*.dat
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: essexboy on August 20, 2010, 11:00:40 PM

Jusat a quick scan will do - it will show me whether OTL was strong enough or I need to ramp up a gear

Can you update after running the fix ?

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: kaposidd on August 20, 2010, 11:04:52 PM

Hi Essexboy thanks for helping me out.

The fix has not helped at all ..... everything is the same.
Not able to  update or enable firewall/antispam.

Attaching the fix log file & quick scan log file

I think you might need to gear up  ;)

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: essexboy on August 20, 2010, 11:07:47 PM

OK one of the elements I tried to remove has re-instated it self - time to up the stakes

Download ComboFix from one of these locations:


Link 1 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 2 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)


* IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
• Double click on ComboFix.exe & follow the prompts.
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.  It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

(http://img.photobucket.com/albums/v706/ried7/RcAuto1.gif)

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

(http://img.photobucket.com/albums/v706/ried7/whatnext.png)


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you.  Please include the C:\ComboFix.txt in your next reply.

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: kaposidd on August 20, 2010, 11:52:30 PM

No progress after running combofix

PFA for Combofix log

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: essexboy on August 21, 2010, 11:50:14 AM

Next we will need to uninstall McAfee also what firewall are you using ?

Details and removal tool here http://service.mcafee.com/FAQDocument.aspx?id=TS100507

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: kaposidd on August 21, 2010, 12:50:07 PM

Earlier the system had Spyhunter I already uninstalled however its present in the foloowing location.

c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys
--> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys

Can I simply delete them??

Sorry I never noticed McaFee since it was not showing as a installed software ...... I need to take care of it.

If after removing McaFee it does not work then what could be the next step??

**Note: After running combofix I uninstalled/reinstalled Avast & now the Pro features are missing & even after inserting the license file it not showing there neither the expiration date.

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: kaposidd on August 21, 2010, 02:25:31 PM

Uninstalled McaFee & restarted
Now its showing the registration details + pro features(but disabled)
Avast Firewall/Antispam not working when tried to update got a new error message
Error:cannot connect to a955sl.avast.com(74.86.125.46:80)

Uninstalled Avast in safe mode using the aswclear utility.
Installed in normal mode.

Back to square one and got the same error as posted in the 1st post.  :'(

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: essexboy on August 21, 2010, 03:02:27 PM

OK lets make sure that it has all gone.  I also see PCTools as well - do you use that one ?  

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  
  Quote

  :OTL
  DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
  DRV - [2010/05/31 20:32:58 | 000,088,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
  DRV - [2010/05/31 20:32:58 | 000,088,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
  DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
  DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
  O4 - HKLM..\RunServices: [update[2] c:\documents and settings\walt\local settings\temporary internet files\content.ie5\4ii4ix9y\update[2].exe File not found
  [2010/05/31 20:32:58 | 000,088,480 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
  [2008/09/28 00:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\jebcdena
  [2009/02/27 09:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Walt\Application Data\.wyzo
  
  :Files
  ipconfig /flushdns /c
  C:\Program Files\Enigma Software Group
  
  :Commands
  [purity]
  [resethosts]
  [emptytemp]
  [EMPTYFLASH]
  [CREATERESTOREPOINT]
  [Reboot]

  
  
• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
  

EDIT : Do you use a router and do any other systems that use it have the same problem ?

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: kaposidd on August 21, 2010, 03:11:57 PM

Yes I did use PCTools spyware doctor(as mentioned in the first post) to remove infected files & that was after Avast was causing problem but it has been removed now.

Yes its connected wirelessly hence using a router.

Should I use Dial-a-fix to check for any policies??

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: essexboy on August 21, 2010, 03:19:10 PM

Lets have a look see first

Please download (http://artellos.com/sino-page) SINO by Artellos (http://artellos.com/me).

• Save SINO to a place you can remember and run SINO.exe. (If you downloaded the ZIP version you will need to extract it first)
  
• Then please check the following checkboxes:

Code: [Select]

System Info
Services
Boot Check
Tasklist
Startup Items
Event Log
Ipconfig
Ping
Netstat
Hosts file
Shares
Routing Table

• Once checked, hit the Run Scan! button and wait for the program to finish the scan.
  
  
• A notepad window will pop up. Please copy all of the content into your next reply.

Note: If you try to interact with the program once it’s started scanning it might appear to hang. The scan however will continue.

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: kaposidd on August 21, 2010, 03:25:53 PM

Hi Martin

Thanks for all the help however my customer does not want to perform any more troubleshooting.
He would take the online backup of all the data & perform the OS reinstall.

If even that does not help then he would ask for a refund from Avast.

Siddhartha

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: essexboy on August 21, 2010, 03:27:36 PM

No probls - a nice little ride though

Sino is a handy diagnostic tool

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: kaposidd on August 21, 2010, 05:05:16 PM

Hi Martin

I provide remote technical support but ofcourse  I don't know everything.
Would appreciate if you can educate me about the usage of OTL & Sino or if you can provide me any documentation for the same.

Regards
Sid

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: Pondus on August 21, 2010, 05:17:05 PM

Quote

Would appreciate if you can educate me about the usage of OTL & Sino or if you can provide me any documentation for the same.

OTL Tutorial now made public
http://forum.avast.com/index.php?topic=60089.0

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: essexboy on August 21, 2010, 05:45:48 PM

OTL tutorial is here http://www.geekstogo.com/forum/topic/277391-otl-tutorial-how-to-use-oldtimer-listit/

For Sino there is no tutorial as such - however this is the generated output - as taken from my 64bit windows 7 - I will need to attach it as it is to long to post on the forum  ;D

If you wish I can ask Olrik for a copy of the help file

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: kaposidd on August 23, 2010, 12:32:40 AM

Hi Martin

Thanks for the OTL tutorial. I would not need the Sino tut. b'coz I provide remote support hence I can get all info.

Ques.: Is Avast good enough as a complete security package or would you recommend any other s/w for common user??

Sid

Title: Re: Avast 5 not updating & Firewall/AntiSpam not working
Post by: essexboy on August 23, 2010, 11:49:41 AM

I have been running with Avast now for about 6 years and have never been infected (unintentionally) I run a monthly scan with MBAM (if I remember) and never had nary a problem.  The main cause of malware is indiscriminate clicking by the user