Author Topic: my advast went unsecured  (Read 5463 times)

0 Members and 1 Guest are viewing this topic.

silverpony53

  • Guest
my advast went unsecured
« on: December 01, 2013, 03:47:12 PM »
my advast went unsecured, then when I hit fix now. I get the message:do you want the the following program to make changes to your computer. I  click yes, and it pops up again then finally nothing happens.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: my advast went unsecured
« Reply #1 on: December 01, 2013, 03:51:34 PM »
Quote
my advast went unsecured,
the name is avast ... not advast   ;)


have you tried avast repair?
controlpanel > ad/remove programs > avast > uninstall/change > repair option ..... wait a minute and reboot

any change?




silverpony53

  • Guest
Re: my advast went unsecured
« Reply #2 on: December 01, 2013, 06:04:29 PM »
I tried the repair, got the message error processing packages please do full update...Did the full update got error message "There was an error while changing the product configuration.                       

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: my advast went unsecured
« Reply #3 on: December 01, 2013, 06:15:12 PM »
do you have any other Security programs installed?

silverpony53

  • Guest
Re: my advast went unsecured
« Reply #4 on: December 01, 2013, 06:37:40 PM »
 cc cleaner and Malwarebytes, but malwarebytes will not un install

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: my advast went unsecured
« Reply #5 on: December 01, 2013, 06:45:20 PM »
cc cleaner and Malwarebytes, but malwarebytes will not un install
CCleaner is not a Security program .... and Malwarebytes should work fine with avast so no need to uninstall it, but strange that at will not if you have tried

follow this guide and attach (not copy and paste) OTL diagnostic log  http://forum.avast.com/index.php?topic=53253.0
when done a log expert will have a look inside 


silverpony53

  • Guest
Re: my advast went unsecured
« Reply #6 on: December 01, 2013, 08:25:02 PM »
here is the log

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: my advast went unsecured
« Reply #7 on: December 01, 2013, 08:54:47 PM »
Essexboy is notified..


did you use AVG before avast?
you also seem to have lots of crap files that need removing.... essexboy will do that   ;)

« Last Edit: December 01, 2013, 08:58:32 PM by Pondus »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: my advast went unsecured
« Reply #8 on: December 01, 2013, 09:16:04 PM »
Hi quite a lot of junk there.  Also could you uninstall AVG search

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


Code: [Select]
:Commands
[CREATERESTOREPOINT]

:OTL
SRV - [2013/10/07 10:54:08 | 000,573,952 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe -- (DefaultTabSearch)
SRV - [2012/11/13 17:05:02 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\Newell\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=US&userid=3c0fbe7d-5220-43d4-986e-363439eb92b1&searchtype=ds&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1257605505064183&q={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=37df2716-484f-4cf0-b84c-b0d905bd0d94&searchtype=ds&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1257605505064183&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2438727
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=37df2716-484f-4cf0-b84c-b0d905bd0d94&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=37df2716-484f-4cf0-b84c-b0d905bd0d94&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=37df2716-484f-4cf0-b84c-b0d905bd0d94&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=37df2716-484f-4cf0-b84c-b0d905bd0d94&searchtype=ds&q={searchTerms}
O2 - BHO: (PlayFizz Platinum Content Add-on) - {757FAD76-20D9-4973-BD64-9208ED0A0624} - C:\Users\Newell\AppData\Local\FizzPlatinum\FizzPlatinumBHO.dll (PlayFizz)
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=37df2716-484f-4cf0-b84c-b0d905bd0d94&searchtype=ds&q={searchTerms}
IE - HKCU\..\SearchScopes\{26DE70AC-4102-4184-AB70-24C884F6C07B}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=PSI&o=15116&src=kw&q={searchTerms}&locale=&apn_ptnrs=^L6&apn_dtid=^YYYYYY^W7^US&apn_uid=63251474-c681-4815-97ef-b5c0bd2068d4&apn_sauid=D2BD37C3-23DE-424A-BE01-2AF267729847
IE - HKCU\..\SearchScopes\{45A008DC-45E6-414D-AB98-A76373142D35}: "URL" = http://us.yhs4.search.yahoo.com/yhs/search?hspart=w3i&hsimp=yhs-geneiotransfer&type=W3i_IA,206,0_0,StartPage,20120102,18570,0,0,6434&p={searchTerms}
IE - HKCU\..\SearchScopes\{67421742-F870-482A-9AF2-BC9AE812C5BF}: "URL" = http://ws.infospace.com/playsushi_tbar/ws/redir?_iceUrl=true& user_id=%userid&tool_id=60231&qkw={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1257605505064183&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2438727
IE - HKCU\..\SearchScopes\{B0280A43-3F54-4EB6-B5A7-D70CE57AC018}: "URL" = http://www.mysearchresults.com/search?&c=2646&t=03&q={searchTerms}
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6013E7AC-CCA6-4207-90E0-97EDA12F2359}: C:\Users\Newell\AppData\Local\FizzPlatinum\{6013E7AC-CCA6-4207-90E0-97EDA12F2359}\ [2012/12/12 21:41:23 | 000,000,000 | ---D | M]
O2:64bit: - BHO: (DataMngr) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media Inc)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Newell\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe (Bandoo Media Inc)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [CrawlerToolbar] "C:\PROGRA~2\CRAWLE~1\Crawler.exe" /STARTUP File not found
O4 - HKCU..\Run: [MusicManager] C:\Users\Newell\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media Inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngr.dll (Bandoo Media Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Search Results Toolbar\Datamngr\IEBHO.dll (Bandoo Media Inc)
[2013/12/01 13:01:11 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\PlayFizz.job
[2013/12/01 11:52:23 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro64 startups.job

:Files
C:\Program Files (x86)\Search Results Toolbar
C:\Users\Newell\AppData\Roaming\DefaultTab
C:\Users\Newell\AppData\Local\Google
C:\Users\Newell\AppData\Local\FizzPlatinum

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Please download Junkware Removal Tool to your desktop.
  • Right-mouse click JRT.exe and select "Run as Administrator" the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • post the contents of JRT.txt into your next message.

silverpony53

  • Guest
Re: my advast went unsecured
« Reply #9 on: December 01, 2013, 11:43:22 PM »
here is the 2 logs

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: my advast went unsecured
« Reply #10 on: December 02, 2013, 03:18:32 PM »
Is Avast starting properly now ?

silverpony53

  • Guest
Re: my advast went unsecured
« Reply #11 on: December 02, 2013, 05:04:25 PM »
no it is not same thing

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: my advast went unsecured
« Reply #12 on: December 02, 2013, 07:16:45 PM »
Download Avast Uninstall Utility to your Desktop.
Download the correct version of Avast 
Avast Free
Avast Pro
Avast Internet Security
Avast Premier
Disconnect from the net
Uninstall Avast via control panel

  • Run the uninstall tool and accept the reboot to safe mode
  • Once complete reboot your system
  • Reinstall Avast
----------