Author Topic: avastclear locks up, creates endless bootloop on Windows 7 Pro  (Read 4177 times)

0 Members and 1 Guest are viewing this topic.

Offline J.R. Sonoran Desert

  • Failure Analysis Engineer @ Advantage Micro Corporation
  • Newbie
  • *
  • Posts: 4
  • Don't assume anything, ask questions for clarity!
    • Advantage Micro Corporation
This morning 2 different resellers had 3 different systems all simutaneously  lockup running avastclear, The systems had to be reset, and are now in endless bootloop.  Just as it gets to the login screen, it reboots.  Safemode, system restore, and Dell Factory restore  is no help.  Where the hell is this setting?  Is it in the boot sector, or the boot.ini.  avast! tech support does not know the answer. Lat I heard the reseller was doing a DOD wipe before factory restoring again.

What changed with avastclear?  I am afraid to touch it until I know what setting it changes for this reboot loop to occur after a factory image restore!
My goal is to prevent Organized Crime and Terrorists from using our computers against us! Therefore, I am now forced to be a Crypto-Ransomware Specialist!  Anti-virus alone is NOT enough!

Offline novakja

  • Avast team
  • Jr. Member
  • *
  • Posts: 49
Re: avastclear locks up, creates endless bootloop on Windows 7 Pro
« Reply #1 on: April 15, 2016, 10:50:46 AM »
Hello J.R. Sonoran Desert,
we are looking into this issue. Do you have any information on how did they run the avast clear - was it run from safe mode or not? Also, what versions and editions of Avast were installed? Were all the systems running only Windows 7 Pro or were there other OSes installed as well?

Offline lukor

  • Avast team
  • Super Poster
  • *
  • Posts: 1878
    • AVAST Software
Re: avastclear locks up, creates endless bootloop on Windows 7 Pro
« Reply #2 on: April 17, 2016, 07:43:07 PM »
Hi J.R.,

We've been really trying to find out more details about this problem. On most of the machines (Win7, Win8, Win10) it works without issues, but eventually we've been able to reproduce the same behavior on Windows 7 Enterprise with 512 MB of RAM.

It seems that the issue is somehow caused by running Avast EP on Win7 in Safe Mode alone - while in most cases rebooting into Safe Mode is ok, on some machines the pure fact, that Windows is rebooting into Safe Mode causes this reboot - immediately after the login page appears.

When running avastclear.exe, it registers itself into registry to be run "once" after reboot -- here: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce. When the system boots it automatically removes entries from this key - and therefore AvastClear is indeed started only once. Depending on the timing – it either succeeds to set the system back to normal mode (in such case the system is immediately rebooted back) or if the system reboots two quickly the Safe Mode flag remains configured and windows keeps rebooting – since there is no longer any tool to run and remove the Safe Mode flag (avastclear.exe is started only during the first boot), Windows keeps restarting forever.

For us it means we will update the way avastclear.exe sets up the system for Safe Mode – we will copy the current configuration instead of modifying the existing one, this will give more choices to you, the user, in case similar problems ever appears again (AV-9897).

The reason why Safe Mode causes reboots with Avast8 EP in some installations of Windows 7 (while it works on the platforms, such as Windows 10) is still unknown. More info regarding various cases where it can be reproduced (HW specs, details about OS version) and where not (e.g. with Self-defense disabled and enabled etc.) is welcomed, our suspicion now is some connect with the windows update process being active while avastclear is scheduling the restart – just a hypothesis at this moment though.

The recovery steps from this unfortunate situation are the following:

1)      Open Win7 boot menu by pressing F8 repeatedly during boot

2)      Select the option “Repair your computer” to boot into the Windows Recovery environment.
See screenshot here: http://public.avast.com/~trs/forum/avastclear-reboot-fix-1.png

3)      Login as administrator and select keyboard and then Command Prompt
See screenshot here: http://public.avast.com/~trs/forum/avastclear-reboot-fix-2.png

4)      Turn off safemode start using bcdedit commnand: bcdedit /deletevalue {default} safeboot
See screenshot here: http://public.avast.com/~trs/forum/avastclear-reboot-fix-3.png

5)      Exit the tools and reboot.

Lukas

Offline Che Johnson

  • Full Member
  • ***
  • Posts: 140
Re: avastclear locks up, creates endless bootloop on Windows 7 Pro
« Reply #3 on: April 18, 2016, 09:13:24 AM »
Thanks Lukas, for following up with this.