Author Topic: Post-update problem on WinXP  (Read 18907 times)

0 Members and 1 Guest are viewing this topic.

Offline Kaasy

  • Newbie
  • *
  • Posts: 1
Re: Post-update problem on WinXP
« Reply #15 on: December 06, 2012, 06:31:29 PM »
При установлении сегодня 6.12.12 обновлений аваст на операционной системе XP выдал ошибку и подключение к интернету не происходит. Провайдер Твое TV перенаправил к Авасту, сообщив, что можно вызвать мастера. Подскажите, что делать? Санкт-Петербург.

Offline George Yves

  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 4155
  • Help you I can
Re: Post-update problem on WinXP
« Reply #16 on: December 06, 2012, 07:19:01 PM »
При установлении сегодня 6.12.12 обновлений аваст на операционной системе XP выдал ошибку и подключение к интернету не происходит. Провайдер Твое TV перенаправил к Авасту, сообщив, что можно вызвать мастера. Подскажите, что делать? Санкт-Петербург.
Вы постучали не в ту дверь. Вам сюда: http://forum.avast.com/index.php?board=28.0
May the FOSS be with you!

Offline teknobass

  • Newbie
  • *
  • Posts: 12
Re: Post-update problem on WinXP
« Reply #17 on: December 07, 2012, 06:02:43 AM »
Problem does still occur with virusdatabase 121206-2 . Avast still finds tcpip.sys infected. The file tcpip.sys has been patched with this tool
http://www.lvllord.de/

to increase the number of maximum half-open connections.

Hope you can fix this, a lot of people with problems world-wide

Offline intanet

  • Jr. Member
  • **
  • Posts: 30
Re: Post-update problem on WinXP
« Reply #18 on: December 07, 2012, 07:45:01 AM »
3 hours troubleshooting this problem from the time I first got the alert of the rootkit in the tcpip.sys file.  Because I am aware that tcpip has to do with the internet I hesitated to have Avast delete the file.   I recently got FIOS installed so I thought maybe Avast was reporting a false positive as does happen at times so I ran some searches on google and the avast forum but, after reading for an hour or so, I eventually allowed Avast to delete the file and then let them reboot.  But after reboot, I had no internet service and parts of Avast were disabled (web scanner and email scanner).  So I did a system restore which reinstalled the tcpip.sys file and I got the Avast warning window again about it being a rootkit but I just told Avast to ignore it.  I went to Avast website and got their telephone number to call (toll free) and I called customer care and the tech guy said my PC had a lot of errors and that's why it reported that file as being a rootkit and that I could ignore it but, for $99 he would clean my PC.  I declined.
Man! what a drag this was.  I just download AVG and am thinking of switching.

Offline Skakara

  • Full Member
  • ***
  • Posts: 198
Re: Post-update problem on WinXP
« Reply #19 on: December 17, 2012, 02:14:41 PM »
Still a problem with virus definitions.

Last week I ran my monthly "everything" scan and this came up:

C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys [L] Win32:Malware-gen (0)

Notice the directory.

I've used the patching tool from http://www.lvllord.de/ for some years now without any problems. I remember that sometimes I've used other than the default values for the "half-open connections" with the tool (maybe your new virus definitions exclude only the default value used by this tool?).

My system has 19 different tcpip.sys files and only the above one is flagged.

Virus definitions: last week scan detected with 121212-0, 12.12.2012, and now: 121217-0.

Virustotal:
Avast   Win32:Malware-gen   20121217
GData   Win32:Malware-gen   20121217 (uses avast defs)
Ikarus   Win32.Malware   20121217 (uses avast defs)
TrendMicro-HouseCall   TROJ_GEN.F47V1213   20121217

Do you want me to upload the file to you somewhere? Or attach it here to this post?


EDIT: Fixed Ikarus claim. Thanks Asyn.. I fast-googled earlier and misread some text I found, sorry.
« Last Edit: December 18, 2012, 12:09:17 AM by Skakara »

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 62348
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Post-update problem on WinXP
« Reply #20 on: December 17, 2012, 02:22:49 PM »
Ikarus   Win32.Malware   20121217 (uses avast defs)

Since when..?? Are you sure..??
W8.1 [x64] - Avast PremSec 19.9.2394.B1 [UI.440] - CC 5.63 - EEK - Firefox ESR 68.4.1 [NS/AOS/uBO/PB] - Thunderbird 68.4.1 - ASL.B
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Skakara

  • Full Member
  • ***
  • Posts: 198
Re: Post-update problem on WinXP
« Reply #21 on: December 19, 2012, 11:15:19 AM »
Seems to be fixed now with 121219-0.