Author Topic: Avast background service stopped !! !  (Read 4090 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
Avast background service stopped !! !
« on: June 24, 2015, 12:47:25 PM »
Hy guys im having weird issue, i have avast free version on PC and laptop. Yesterday Avast background services stopped working on PC and today in my laptop Avast background services stopped. I scanned with malwarebyte aswell but there is no virus/malware. I tried Repairing avast but doesnt helped me. Please tell me whats going on because it is so strange. If im trying to install other antivirus i cant somehow.
Please help.
thanks.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Avast background service stopped !! !
« Reply #1 on: June 24, 2015, 01:30:54 PM »
Please follow the instructions in the "viruses and worms" forum.

REDACTED

  • Guest
Re: Avast background service stopped !! !
« Reply #2 on: June 24, 2015, 01:50:14 PM »
Here are the logs which i followed the " Logs to assist in cleaning malware" Post. Please check it
Thanks

REDACTED

  • Guest
Re: Avast background service stopped !! !
« Reply #3 on: June 24, 2015, 02:23:22 PM »
Do you use thirdy party Firewall with Avast? Check uninstalling Firewall.

I have Comodo Firewall. I installed Avast & after installation was successful got Avast background services were not running. Restarted the system but keyboard/mouse was not working i.e was not able to move the mouse to the Windows logon password field. Hard shutdown & started the system again but same keyboard prob.

I have Rollback Home installed. So I restored to previous snapshot. Uninstalled Comodo Firewall & installed Avast & no probs.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Avast background service stopped !! !
« Reply #4 on: June 24, 2015, 02:32:38 PM »
Start with removing Chrome.
Unless you installed it yourself, malware has changed it into a developer version which allows other malware to be installed without the users noticing it.

REDACTED

  • Guest
Re: Avast background service stopped !! !
« Reply #5 on: June 24, 2015, 02:39:02 PM »
Do you use thirdy party Firewall with Avast? Check uninstalling Firewall.
No, Im not using any third party Firewall.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Avast background service stopped !! !
« Reply #6 on: June 24, 2015, 04:05:25 PM »
You also have Avira running

Quote
16:46:18.549    Service avipbb C:\Windows\system32\DRIVERS\avipbb.sys **LOCKED**
16:46:18.564    Service avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys **LOCKED**

Please uninstall that and chrome first then run a fresh FRST scan please

REDACTED

  • Guest
Re: Avast background service stopped !! !
« Reply #7 on: June 24, 2015, 04:25:14 PM »
You also have Avira running

Quote
16:46:18.549    Service avipbb C:\Windows\system32\DRIVERS\avipbb.sys **LOCKED**
16:46:18.564    Service avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys **LOCKED**

Please uninstall that and chrome first then run a fresh FRST scan please
There are no such files exists in system32 i checked. here is the latest FRST file in the attachment, please check
« Last Edit: June 24, 2015, 04:28:49 PM by Waqas409 »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Avast background service stopped !! !
« Reply #8 on: June 24, 2015, 05:18:04 PM »
Could you let me know what error Avast gives when you try to start it

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 
Quote
CreateRestorePoint:
Startup: C:\Users\Waqas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\u.lnk [2015-05-26]
ShortcutTarget: u.lnk -> C:\Users\Waqas\AppData\Roaming\obcmjtmyfi.exe (Citigroup)
Startup: C:\Users\Waqas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\v.lnk [2015-06-09]
ShortcutTarget: v.lnk -> C:\Users\Waqas\AppData\Roaming\obtexhelsv.exe (Kareo)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} ->  No File
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-04-03] ()
2015-06-24 16:26 - 2015-06-24 16:26 - 01415680 _____ (wj32) C:\Program Files\H1J1J3LD.exe
2015-06-24 16:26 - 2015-06-24 16:26 - 01415680 _____ (wj32) C:\Program Files\4HS2DR1O.exe
2015-06-24 15:50 - 2015-06-24 15:50 - 01415680 _____ (wj32) C:\Program Files\KU5GT4EB.exe
2015-06-24 11:31 - 2015-06-24 11:31 - 01415680 _____ (wj32) C:\Program Files\BDT87MM4.exe
2015-06-23 22:47 - 2015-06-23 22:47 - 01415680 _____ (wj32) C:\Program Files\NU9TIUON.exe
2015-06-09 14:54 - 2015-06-09 14:54 - 81518592 __RSH (Kareo) C:\Users\Waqas\AppData\Roaming\obtexhelsv.exe
2015-05-26 10:18 - 2015-05-26 10:18 - 73986048 __RSH (Citigroup) C:\Users\Waqas\AppData\Roaming\obcmjtmyfi.exe
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

REDACTED

  • Guest
Re: Avast background service stopped !! !
« Reply #9 on: June 24, 2015, 05:33:35 PM »
Ok so when i click on AVAST, first it does not open on first click, i had to click many times when it opens if i click on OVERVIEW it says " YOU ARE UNPROTECTED " Avast background service is not running. If i click Resolve ALL/ Start now it does nothing.
Here is the latest log. Please Check.
thanks.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Avast background service stopped !! !
« Reply #10 on: June 24, 2015, 06:01:15 PM »
You can now re-install chrome

Download Avast Uninstall Utility to your Desktop.
Download the correct version of Avast 
Avast Free
Avast Pro
Avast Internet Security
Avast Premier
Disconnect from the net
Uninstall Avast via control panel

  • Run the uninstall tool and accept the reboot to safe mode
  • Once complete reboot your system
  • Reinstall Avast
----------