Author Topic: Avast aborted connection  (Read 28867 times)

0 Members and 1 Guest are viewing this topic.

Offline Alikhan

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2220
Re: Avast aborted connection
« Reply #30 on: December 21, 2013, 11:12:05 PM »
There are logs of shield detection in the Program Data folder (If I remember correctly)

i can't find it.

What can't you find?

are you trolling me now?  I think your an anti avast spy.  why don't you get lost dude.   I'd rather talk to the other peeps.  I find it suspect you want this thread closed.

... Can you find the Program Data folder? Can you find the Avast folder located in there? Can you find the shields name?
Windows 10 Home 64-bit • Avast Free (latest stable version) •  Malwarebytes 4 Premium (On-Demand) • Windows Firewall Control • Google Chrome • LastPass • CCleaner • O&O ShutUp10 •

CooloutAC

  • Guest
Re: Avast aborted connection
« Reply #31 on: December 21, 2013, 11:23:28 PM »
Here are the attachments, tks for the help.  I feel so vulnerable,  I hope this guy Alikhan isn't gonna use this info against me haha.
« Last Edit: December 22, 2013, 02:19:32 AM by CooloutAC »

CooloutAC

  • Guest
Re: Avast aborted connection
« Reply #32 on: December 21, 2013, 11:35:45 PM »
Finally found the log.   

It is in programdata,  sorry aligkhan I get paranoid this time of year.

I found this info in the autosandbox log.   this is not telling me the HTTP information though.  I'm still searching for that in the logs.

12/21/2013 2:28:58 PM   Autosandbox candidate: C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.165.346.0.exe
   [Source: local://*C:\Windows\System32\svchost.exe      ]
   [Opened by: C:\Windows\System32\wuauclt.exe]
   [Reason: 0x00020000]
    --> Result: Not sandboxing (because the file is trusted).

When we get new laptop i will be going for full subscription.

EDIT:   Here it is....   12/21/2013 2:25:20 PM   FileRep: http:??download.windowsupdate.com/msdownload/update/software/defu/2013/12/am_delta_patch_1.165.346.0_4cb2aa0d327317dd698a6528c1a63cecc8740cbe.exe
   [Downloaded by: C:\Windows\System32\svchost.exe]
   has a poor reputation.
    --> Result: Aborting download.


« Last Edit: December 22, 2013, 02:18:05 AM by CooloutAC »

Offline Alikhan

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2220
Re: Avast aborted connection
« Reply #33 on: December 21, 2013, 11:37:29 PM »
See.. I told you the log would be there. I also told you that you were not infected.
Windows 10 Home 64-bit • Avast Free (latest stable version) •  Malwarebytes 4 Premium (On-Demand) • Windows Firewall Control • Google Chrome • LastPass • CCleaner • O&O ShutUp10 •

CooloutAC

  • Guest
Re: Avast aborted connection
« Reply #34 on: December 21, 2013, 11:38:22 PM »
See.. I told you the log would be there. I also told you that you were not infected.

well i'm not so sure about that lol.

 Here it is....   12/21/2013 2:25:20 PM   FileRep: http:??download.windowsupdate.com/msdownload/update/software/defu/2013/12/am_delta_patch_1.165.346.0_4cb2aa0d327317dd698a6528c1a63cecc8740cbe.exe
   [Downloaded by: C:\Windows\System32\svchost.exe]
   has a poor reputation.


what the heck is this? hmm...google searching it might have something to do with MSE updates.   ok maybe all is well... lmao.  I'm really liking avast lately.  Especially on the phones.
« Last Edit: December 22, 2013, 02:17:41 AM by CooloutAC »

Offline Alikhan

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2220
Re: Avast aborted connection
« Reply #35 on: December 21, 2013, 11:42:10 PM »
See.. I told you the log would be there. I also told you that you were not infected.

well i'm not so sure about that lol.

 Here it is....   12/21/2013 2:25:20 PM   FileRep: http://download.windowsupdate.com/msdownload/update/software/defu/2013/12/am_delta_patch_1.165.346.0_4cb2aa0d327317dd698a6528c1a63cecc8740cbe.exe
   [Downloaded by: C:\Windows\System32\svchost.exe]
   has a poor reputation.

what the heck is this?

It's an anti-malware definition update.... either of Windows Defender or MSE (which should NOT be running alongside Avast)

https://www.virustotal.com/en/file/519db35bf163cc888702234dcbcd7e68c24200f1e986a2f629005cf46ccff32e/analysis/1387665632/

Mcafee finds it suspicious but since the rest of the vendors don't I suppose it's their false positive.
Windows 10 Home 64-bit • Avast Free (latest stable version) •  Malwarebytes 4 Premium (On-Demand) • Windows Firewall Control • Google Chrome • LastPass • CCleaner • O&O ShutUp10 •

CooloutAC

  • Guest
Re: Avast aborted connection
« Reply #36 on: December 21, 2013, 11:44:57 PM »
See.. I told you the log would be there. I also told you that you were not infected.

well i'm not so sure about that lol.

 Here it is....   12/21/2013 2:25:20 PM   FileRep: http://download.windowsupdate.com/msdownload/update/software/defu/2013/12/am_delta_patch_1.165.346.0_4cb2aa0d327317dd698a6528c1a63cecc8740cbe.exe
   [Downloaded by: C:\Windows\System32\svchost.exe]
   has a poor reputation.

what the heck is this?

It's an anti-malware definition update.... either of Windows Defender or MSE (which should NOT be running alongside Avast)

https://www.virustotal.com/en/file/519db35bf163cc888702234dcbcd7e68c24200f1e986a2f629005cf46ccff32e/analysis/1387665632/

Mcafee finds it suspicious but since the rest of the vendors don't I suppose it's their false positive.

I apologize for my hostility.  Well i tried to manually update MSE and it says its already up to date,  so its still kind of suspicious to me.  I also immediately did a windows update after that popup and it found no MSE updates.   But at least avast blocked it.   8)

As long as it doesn't effect my gaming I run em both. I also run emet,  with full security on every program.  Except avast, cause avast protects itself and will crash emet if I try lol.

I hope it didn't get trhough though,  say that popup was just sitting there for hours and i didn't click ok,  could it have gotten through?  Or does avast block it until i select an action? 
« Last Edit: December 21, 2013, 11:48:30 PM by CooloutAC »

Offline Alikhan

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2220
Re: Avast aborted connection
« Reply #37 on: December 21, 2013, 11:47:05 PM »
Avast blocks it until you choose an action.
Windows 10 Home 64-bit • Avast Free (latest stable version) •  Malwarebytes 4 Premium (On-Demand) • Windows Firewall Control • Google Chrome • LastPass • CCleaner • O&O ShutUp10 •

CooloutAC

  • Guest
Re: Avast aborted connection
« Reply #38 on: December 21, 2013, 11:50:39 PM »
Avast blocks it until you choose an action.

awsome.  I still find it very suspicious.   Hopefully if there is something wrong in my OTL logs someone will let me know,  tks for all the help.   Once we get the lappy we are going to go full avast suite.
« Last Edit: December 21, 2013, 11:53:09 PM by CooloutAC »

Offline Alikhan

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2220
Re: Avast aborted connection
« Reply #39 on: December 21, 2013, 11:51:54 PM »
Yeah, someone should let you know.

If you have Windows defender enabled> disable it.

If you have MSE installed > Uninstall it.
Windows 10 Home 64-bit • Avast Free (latest stable version) •  Malwarebytes 4 Premium (On-Demand) • Windows Firewall Control • Google Chrome • LastPass • CCleaner • O&O ShutUp10 •

CooloutAC

  • Guest
Re: Avast aborted connection
« Reply #40 on: December 21, 2013, 11:53:40 PM »
Yeah, someone should let you know.

If you have Windows defender enabled> disable it.

If you have MSE installed > Uninstall it.

Why should I uninstall MSE?  It once caught a virus i got from battlelog.net and quarantined it before I even realized.  it might not be as good as avast, but its so lightweight and conflicts with nothing.  I like the extra protection.
« Last Edit: December 21, 2013, 11:57:19 PM by CooloutAC »

Offline Alikhan

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2220
Re: Avast aborted connection
« Reply #41 on: December 21, 2013, 11:57:32 PM »
Source : Bleeping Computer

Using more than one anti-virus program is not advisable. Why? The primary concern with doing so is due to Windows resource management and significant conflicts that can arise especially when they are running in real-time protection mode simultaneously. Even if one of them is disabled for use as a stand-alone on demand scanner, it can affect the other and cause conflicts. Anti-virus software components insert themselves deep into the operating systems core where they install kernel mode drivers that load at boot-up regardless of whether real-time protection is enabled or not. Thus, using multiple anti-virus solutions can result in kernel mode conflicts causing system instability, catastrophic crashes, slow performance and waste vital system resources. When actively running in the background while connected to the Internet, each anti-virus may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.

When scanning engines are initiated, each anti-virus may interpret the activity of the other as suspicious behavior and there is a greater chance of them alerting you to a "false positive". If one finds a virus or a suspicious file and then the other also finds the same, both programs will be competing over exclusive rights on dealing with that threat. Each anti-virus may attempt to remove the offending file and quarantine it at the same time resulting in a resource management issue as to which program gets permission to act first. If one anit-virus finds and quarantines the file before the other one does, then you may encounter the problem of both wanting to scan each other's zipped or archived files and each reporting the other's quarantined contents. This can lead to a repetitive cycle of endless alerts that continually warn you that a threat has been found after it has already been neutralized.

Anti-virus scanners use virus definitions to check for malware and these can include a fragment of the virus code which may be recognized by other anti-virus programs as the virus itself. Because of this, many anti-virus vendors encrypt their definitions so that they do not trigger a false alarm when scanned by other security programs. Other vendors do not encrypt their definitions and they can trigger false alarms when detected by the resident anti-virus. Further, dual installation is not always possible because most of the newer anti-virus programs will detect the presence of another and may insist that one be removed prior to its installation. If the installation does complete with another anti-virus already installed, you may encounter issues like system freezing, unresponsiveness or similar symptoms as described above while trying to use it.

To avoid these problems, use only one anti-virus solution. Deciding which one to remove is your choice. Be aware that you may lose your subscription to that anti-virus program's virus definitions once you uninstall that software.

Microsoft and major Anti-virus vendors recommend that you install and run only one anti-virus program at a time

"You don’t need to install more than one antivirus program. In fact, running more than one antivirus program at the same time can cause conflicts and errors that make your antivirus protection less effective or not effective at all."
Windows 10 Home 64-bit • Avast Free (latest stable version) •  Malwarebytes 4 Premium (On-Demand) • Windows Firewall Control • Google Chrome • LastPass • CCleaner • O&O ShutUp10 •

CooloutAC

  • Guest
Re: Avast aborted connection
« Reply #42 on: December 22, 2013, 12:47:26 AM »
well I know what the general consensus has been over the years.  but I'm an avid gamer.  So i know all about tweaking my windows for performance.  And running them both is not really affecting my gaming, which is all that matters to me.    I don't crash at all.  as long a they don't idle scan in the middle of my game and thrash hdd which is rare i don't lose any performance,  mse did a couple times but not usually all is well.  Its the reason I got rid of norton.

Except well like I said all the pcs' in my house recently died in the same week recently.  I had to replace a vid card on this one.     I did crash for the first time ever on this pc in 3 years the other day.   After i deleted everyone of my friends list,  which was bizarre.    but it might of been from gaming for 12 hours straight and as I launched the next match the pc shut off.  Maybe  the PSU couldn't take anymore.  I check my heat regularly and got no alarms. 

 

But i've never  blacked screened besides when my vid card died.   And I think i i've only got one BSOD in over 3 years on this pc ever, i can't even remember one ever happening.   nothing ever crashes on my pc except firefox sometimes.     mwo has been crashing on me,  but that was due to a bug in their recent patch which they are addressing.

I'm just very worried about the fact my vid card died,   and my pc recently lost power.  The psu is  only a year old and its a decent corsair model.  These are the same symptoms the other pcs have had before the motherboards got bricked.  but im' still chalking it up to the fact i gamed for 12 hours straight which I've never done before on this pc lol. 

But these things always occur this time of year!

But, ya as far as running them side by side,  i notice no conflicts or slow downs in my game performance which is a good barmometer.  like i said I've never had a bsod,   and have only black screened recently after all the pcs in my house died... 

But it certainly feels like the viruses eat up your dvd drive firmware first,  we go through them like water in my house,   then the vid card and monitor is next to go,  then the mobo eventually.   I feel like its only a matter of time for mine.   :(   Hopefully i'm just being paranoid.  But its like I can't get rid of this virus for years!!

I play intensive games with no issues which is all that matters for me and is the best test ;)  MSE is so lightweight its great.  and like I said it found a virus from battlelog.net without me even knowing, i don't want to give up that extra protection.
« Last Edit: December 22, 2013, 12:58:46 AM by CooloutAC »

CooloutAC

  • Guest
Re: Avast aborted connection
« Reply #43 on: December 22, 2013, 12:59:28 AM »
as far as that mysterious update for MSE.   a manual update showed nothing, and windows update showed nothing.

Maybe mcafee is the only one thats correct!

Offline Alikhan

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2220
Re: Avast aborted connection
« Reply #44 on: December 22, 2013, 01:01:35 AM »
as far as that mysterious update for MSE.   a manual update showed nothing, and windows update showed nothing.

Maybe mcafee is the only one thats correct!

Here we go again, seriously...

It just determined it as suspicous...

The file you linked to download is you right click it for properties, you'll see it's an anti-malware update file...
Windows 10 Home 64-bit • Avast Free (latest stable version) •  Malwarebytes 4 Premium (On-Demand) • Windows Firewall Control • Google Chrome • LastPass • CCleaner • O&O ShutUp10 •