Author Topic: Shields  (Read 19491 times)

0 Members and 1 Guest are viewing this topic.

Offline CraigB

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 11141
  • No support PM's thanks
Re: Shields
« Reply #45 on: November 06, 2012, 01:54:51 PM »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40627
  • Dragons by Sasha
    • Malware fixes
Re: Shields
« Reply #46 on: November 06, 2012, 03:30:26 PM »
OK lets clear the drivers for OA now  ;D

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


Code: [Select]
:OTL
DRV - [2009/12/05 07:28:06 | 000,024,656 | ---- | M] (Tall Emu) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\OAmon.sys -- (OAmon)
DRV - [2009/12/05 07:27:52 | 000,223,312 | ---- | M] (Tall Emu) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\OADriver.sys -- (OADevice)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Download and run farbar service scanner



Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

Offline philip brampton

  • Sr. Member
  • ****
  • Posts: 228
Re: Shields
« Reply #47 on: November 06, 2012, 04:17:11 PM »
As requested
windows 7 Home, SP1, Firefox 19,Windows Firewall,Avast Free V 8.0.1482

Offline philip brampton

  • Sr. Member
  • ****
  • Posts: 228
Re: Shields
« Reply #48 on: November 06, 2012, 04:17:58 PM »
AND
windows 7 Home, SP1, Firefox 19,Windows Firewall,Avast Free V 8.0.1482

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40627
  • Dragons by Sasha
    • Malware fixes
Re: Shields
« Reply #49 on: November 06, 2012, 04:21:17 PM »
OK we can rule out malware for now I feel. 

Reading the thread it seems as though this is not consistent, you have had times when the system holds and then loses the shields for no apparent reason.  Are you running any programmes when this occurs.. I.e. backup etc

Offline philip brampton

  • Sr. Member
  • ****
  • Posts: 228
Re: Shields
« Reply #50 on: November 06, 2012, 04:33:27 PM »
The only backup i run is on the first day of each Month.
The problem is very intermittent.
I can close my computer at Night with all shields working normally.
When i boot in the Morning only some of them are working.
I can do a clean install and then all are running until the next time i shut down and reboot the next Morning.
It is particularly annoying because all shields on my XP computer run normally 
windows 7 Home, SP1, Firefox 19,Windows Firewall,Avast Free V 8.0.1482

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40627
  • Dragons by Sasha
    • Malware fixes
Re: Shields
« Reply #51 on: November 06, 2012, 04:40:54 PM »
So it is on the shutdown that they appear to break...  Does it take a while to shutdown and do you get any windows error messages

Offline philip brampton

  • Sr. Member
  • ****
  • Posts: 228
Re: Shields
« Reply #52 on: November 06, 2012, 04:45:29 PM »
Shut down is normal.Sometimes i have to wait for a program to close but it is only a short time(10-15 seconds).
There are no messages.
Philip
windows 7 Home, SP1, Firefox 19,Windows Firewall,Avast Free V 8.0.1482

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40627
  • Dragons by Sasha
    • Malware fixes
Re: Shields
« Reply #53 on: November 06, 2012, 05:04:58 PM »
I am thinking here that the registry might not be saving properly, unfortunatel the UHP programme that MS had was not proted across to windows 7

We can check it out though

Could you create a new user profile  http://www.bleepingcomputer.com/tutorials/create-new-user-account-in-windows-vista-7/

Then see if Avast functions correctly in that profile

Offline CraigB

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 11141
  • No support PM's thanks
Re: Shields
« Reply #54 on: November 06, 2012, 05:08:02 PM »
Philip, just out of curiosity do you have all the exclusions in place between MBAM Pro and avast - avast in the trusted list of MBAM and MBAM in the file shield exclusions of avast.

There are also four malwarebytes exe files to be placed in the avast BhS trusted processes ( mbam,exe, mbamservice.exe, mbamscheduler.exe, mbamgui.exe ) I found that since the latest MBAM and avast update that several people have been having unusual problems till all these exclusions were put in place.

Offline philip brampton

  • Sr. Member
  • ****
  • Posts: 228
Re: Shields
« Reply #55 on: November 06, 2012, 05:18:17 PM »
I don't know
Give me directions and i will gladly check
You would think by know i should know where all these things are.
Philip
windows 7 Home, SP1, Firefox 19,Windows Firewall,Avast Free V 8.0.1482

Offline CraigB

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 11141
  • No support PM's thanks
Re: Shields
« Reply #56 on: November 06, 2012, 05:26:38 PM »
I don't know
Give me directions and i will gladly check
You would think by know i should know where all these things are.
Philip
Well the exe files are all in the malwarebytes program file, just open the behaviour shield trusted processes and click on the add button and navigate yourself to the MBAM program file and add ( double click ) those exe's.

Do the same with the program file exclusions - add the mbam program file to avast's file system shield exclusions then add the avast program file to the trusted list in mbam via the add button.

Offline philip brampton

  • Sr. Member
  • ****
  • Posts: 228
Re: Shields
« Reply #57 on: November 06, 2012, 06:32:04 PM »
I can't make any sense from your second paragraph.
The trusted processes are not available in file system exclusions.
Isn't it possible to remove Malwarebytes and be done with it rather make all these changes which should not be necessary anyway
windows 7 Home, SP1, Firefox 19,Windows Firewall,Avast Free V 8.0.1482

Offline CraigB

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 11141
  • No support PM's thanks
Re: Shields
« Reply #58 on: November 06, 2012, 06:39:39 PM »
I can't make any sense from your second paragraph.
The trusted processes are not available in file system exclusions.
Isn't it possible to remove Malwarebytes and be done with it rather make all these changes which should not be necessary anyway
You add the avast program file to the trusted list in malwarebytes - also add the malwarebytes program file to the exclusions in the avast file system shield

If your using multiple security programs it is better to exclude them for compatibility reasons and it can also speed up your system function as both programs are not scanning each other.

These exclusions are only necessary if your running malwarebytes pro.

Offline philip brampton

  • Sr. Member
  • ****
  • Posts: 228
Re: Shields
« Reply #59 on: November 06, 2012, 07:18:55 PM »
I have removed Malwarebytes and all its fragments.And done a clean install of Avast.
All shields running normally.
I will see what happens when i boot tomorrow.
Regards
Philip
windows 7 Home, SP1, Firefox 19,Windows Firewall,Avast Free V 8.0.1482