Author Topic: NG problems in new Avast 2016 - on Win 7 64-bit with virtualization  (Read 11195 times)

0 Members and 1 Guest are viewing this topic.

Offline glnz

  • Sr. Member
  • ****
  • Posts: 300
Have problems with the new Avast 2016 Free on my Win 7 Pro SP1 64-bit machine.  (It's a Dell Optiplex 7010 with 16GB RAM and an Intel Core i5 3470 with 4 cores, and with hardware virtualization turned ON in my BIOS.)

First, after the reboot, the new (to me) process aswFe.exe runs for a LONG time and consumes 25%± of my CPU.  At least an hour. 

Second, following other posts here, I checked how (or whether) NG was actually running.  See the attached screenshot of my attempts in cmd to check - lots of error messages.  You can see I tried to start it although I don't know these commands and was just "pushing buttons".  But lots of ERRORS.  Please open the attachment jpg.  (It's formatted for legal size paper, which was a clearer image.)

So what is happening with NG and this aggressive process aswFe.exe?  Is NG even running on my machine?  Am I getting the benefit of Avast's virtualization features?  Are the Avast sandbox features running at all?  How do I check?

Thanks.
« Last Edit: November 07, 2015, 04:38:05 PM by glnz »
Various Dell Optiplexes running XP Pro SP3 32-bit, Win 7 Pro SP1 64-bit and Win 10 Pro 64-bit.  Firefox with security add-ons.

Offline glnz

  • Sr. Member
  • ****
  • Posts: 300
I just re-checked my post above from a different computer (not logged in), and the attachment above had disappeared.  But now viewing from my original posting PC (logged in), it's here now.

My thread is pointless without the attachment.  It's here now, but is it missing for anyone else?

And any thoughts on my thread above?

Thanks.
Various Dell Optiplexes running XP Pro SP3 32-bit, Win 7 Pro SP1 64-bit and Win 10 Pro 64-bit.  Firefox with security add-ons.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 71138
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Note: You need to be logged in to see attachments.
Win 8.1 [x64] - Avast PremSec 21.6.6435.IBC [UI.655] - EEK - Firefox ESR 78.12 [NS/uBO/PB] - TB 78.12
Avast-Tools: Secure Browser 92.0 - Cleanup 21.2 - SecureLine 5.12 - Driver Updater 21.2 - CCleaner 5.83
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline glnz

  • Sr. Member
  • ****
  • Posts: 300
Asyn - thanks.  Any thoughts about the errors in the attachment and questions re NG?
Various Dell Optiplexes running XP Pro SP3 32-bit, Win 7 Pro SP1 64-bit and Win 10 Pro 64-bit.  Firefox with security add-ons.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 71138
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Asyn - thanks.  Any thoughts about the errors in the attachment and questions re NG?
You're welcome.
Nope, wait for one of the devs and/or submit a ticket: https://support.avast.com/support/tickets/new
Win 8.1 [x64] - Avast PremSec 21.6.6435.IBC [UI.655] - EEK - Firefox ESR 78.12 [NS/uBO/PB] - TB 78.12
Avast-Tools: Secure Browser 92.0 - Cleanup 21.2 - SecureLine 5.12 - Driver Updater 21.2 - CCleaner 5.83
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline glnz

  • Sr. Member
  • ****
  • Posts: 300
Asyn - Submitted a ticket, but that will take a while, and I doubt the front-line tech team will know anything about my attachment above.

Would much appreciate this forum's advice - how do I test whether NG is running in this new Avast?  Or whether any of the sandbox features are working?  (What does NG do anyway?)

Thanks.
Various Dell Optiplexes running XP Pro SP3 32-bit, Win 7 Pro SP1 64-bit and Win 10 Pro 64-bit.  Firefox with security add-ons.

Offline glnz

  • Sr. Member
  • ****
  • Posts: 300
Man - I'm feeling lonely - no one even wants to tell me what NG does!!

And what about those commands in my cmd screenshot above?  What are they anyway?  Does Avast publish a guide to them?
Various Dell Optiplexes running XP Pro SP3 32-bit, Win 7 Pro SP1 64-bit and Win 10 Pro 64-bit.  Firefox with security add-ons.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 71138
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Man - I'm feeling lonely - no one even wants to tell me what NG does!!
Basic info: https://forum.avast.com/index.php?topic=154857.msg1125734#msg1125734
Win 8.1 [x64] - Avast PremSec 21.6.6435.IBC [UI.655] - EEK - Firefox ESR 78.12 [NS/uBO/PB] - TB 78.12
Avast-Tools: Secure Browser 92.0 - Cleanup 21.2 - SecureLine 5.12 - Driver Updater 21.2 - CCleaner 5.83
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline GaAs

  • Full Member
  • ***
  • Posts: 181
  • My CPU is well seasoned. Mmmm, so good!

Here, instead, ngtool.exe, mftutil.exe, aswFe.exe, every time that the operating system start, cpu usage 36% (on average), again and again, again, again, again, again, again, again, again, again , again, a nuisance monstrous !!!!
30 minutes of hard drive and CPU every time !!!!!!!!!!!
In previous versions, the three tool, were initiated only the installation of avast or a new update of the program.
Please solve !!!
Bye to all. :o :o ::)
Another antivirus, Core Duo T5600, 2.0 GB of RAM, W7_32bit, old oooooold whisky!

Offline glnz

  • Sr. Member
  • ****
  • Posts: 300
Asyn - thanks for info.  But from your link to pk's description, it seems that the "errors" in my cmd screenshot above mean that Avast NG is NOT ABLE to create the VirtualBox VMs on my PC that are part of NG.  But my PC definitely has hardware virtualization.  I have run the Win 7 machine in XP Mode a few times just for fun.  And I have just re-run MS's havdetectiontool, and it reports that "This computer is configured with hardware-assisted virtualization".

Also, in Settings for my 2016 Avast, "Enable DeepScreen" and "Use secure virtual machines" are both checked.

So what do we do?  How do I test further to determine why there are "errors" in my cmd screenshot above, or to see whether NG is working on my machine?

I have not heard from Avast Support.  Thanks.
Various Dell Optiplexes running XP Pro SP3 32-bit, Win 7 Pro SP1 64-bit and Win 10 Pro 64-bit.  Firefox with security add-ons.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 71138
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
1. Asyn - thanks for info.
2. I have not heard from Avast Support.  Thanks.
1. You're welcome.
2. Be patient, it can take up to 7 (business) days.
Win 8.1 [x64] - Avast PremSec 21.6.6435.IBC [UI.655] - EEK - Firefox ESR 78.12 [NS/uBO/PB] - TB 78.12
Avast-Tools: Secure Browser 92.0 - Cleanup 21.2 - SecureLine 5.12 - Driver Updater 21.2 - CCleaner 5.83
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline glnz

  • Sr. Member
  • ****
  • Posts: 300
By the way, aswFE.exe does not seem to re-run on bootups.  However, the problem continues with ngtools and the above indications (and cmd results) that NG is not running correctly because Avast is failing to make the needed virtual machines.

Just to add some detail --

In the BIOS for my Optiplex 7010, these are the settings under the caption "Virtualization Support":
-  Virtualization - Enable Intel Virtualization Technology is CHECKED
-  VT for Direct I/O - Enable VT for Direct I/O is CHECKED
-  Trusted Execution - Trusted Execution is UNchecked.

I have also attached the more detailed hav log file from this morning's run of MS's havdetectiontool.  Looks good to me.

So how do I test the NG sandbox?  Doesn't Avast have a web link with a fake bad page that would put it to the test?

Various Dell Optiplexes running XP Pro SP3 32-bit, Win 7 Pro SP1 64-bit and Win 10 Pro 64-bit.  Firefox with security add-ons.

Offline glnz

  • Sr. Member
  • ****
  • Posts: 300
Re: NG problems in new Avast 2016 - on Win 7 64-bit with virtualization
« Reply #12 on: November 08, 2015, 03:22:07 AM »
 
And, before anyone asks, in Avast - Settings - Troubleshooting, "Enable hardware-assisted virtualization" is CHECKED.

Any thoughts, anyone?
Various Dell Optiplexes running XP Pro SP3 32-bit, Win 7 Pro SP1 64-bit and Win 10 Pro 64-bit.  Firefox with security add-ons.

Offline glnz

  • Sr. Member
  • ****
  • Posts: 300
Re: NG problems in new Avast 2016 - on Win 7 64-bit with virtualization
« Reply #13 on: November 08, 2015, 07:20:30 PM »
 
Doesn't ANYONE know how to test the NG feature, which I understand is some type of sandboxing?  Thanks.
Various Dell Optiplexes running XP Pro SP3 32-bit, Win 7 Pro SP1 64-bit and Win 10 Pro 64-bit.  Firefox with security add-ons.

Offline NON

  • Japanese User
  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 4821
  • Whatever will be, will be.
Re: NG problems in new Avast 2016 - on Win 7 64-bit with virtualization
« Reply #14 on: November 09, 2015, 01:08:53 PM »
Old good autosandboxme2.exe still triggers DeepScreen aka NG.
http://public.avast.com/dev/autosandboxme2.exe

And yes, NG is a kind of sandbox, mainly to determine the file is malicious or not.


BTW, this is my personal opinion: internal tools (ngtool.exe for example) should only be executed by avast itself, not by user's intention, even if there is built-in help text.

You don't know what they perform or what is needed to properly execute these tools.
Playing with these tools might be fun (I can understand it), but it should be done at your own risk using your own knowledge.
Expecting official support for your playing is just not good.

Just my opinion.
« Last Edit: November 09, 2015, 01:15:06 PM by NON »
Main: Win10 Pro 20H2 64bit / Core i5-7400 3.0GHz / 16GB RAM / Avast 21 Premium Beta(Icarus) / Comodo Firewall (testing again)
Mobile: Win10 Pro 20H2 64bit / Core i5-3340M 2.7GHz / 8GB RAM / Avast 21 Free / Windows Firewall Control

Avast の設定について解説しています。よろしければご覧ください。