Author Topic: windows security (windows defender) turning on  (Read 4074 times)

0 Members and 1 Guest are viewing this topic.

Offline Turnip

  • Jr. Member
  • **
  • Posts: 61
Re: windows security (windows defender) turning on
« Reply #15 on: March 03, 2020, 03:09:32 PM »
Thanks DavidR

I used to have pro, but went back to using the free version about a month ago.

I did check settings in Malwarebytes, was set to start with windows. Now disabled.

I shut the computer down and restarted  antimalware service executable still showed up, but Avast loaded a lot faster then before.

It is about 50% of the time Windows defender turns on, kind of hit and miss.
Avast Premium version 20.10.2442  Build 20.10.5824.618
Avast Secure browser version 86.1.6938.199
Chrome browser version 87.0.4280.88
Microsoft windows 10 pro 64 bit Version 20H2  OS Build 19042.685

Offline Spec8472

  • Avast team
  • Sr. Member
  • *
  • Posts: 297
Re: windows security (windows defender) turning on
« Reply #16 on: March 03, 2020, 05:25:17 PM »
AvastSvc.exe service has also very slow startup on your computer. There is almost 1 minute delay during initialization of AvastSvc. Can you please use Process monitor (https://docs.microsoft.com/en-us/sysinternals/downloads/procmon) to create boot log file?

  • Execute procmon.exe as an administrator
  • Select Options->Enable Bootlogging in application menu
  • Restart your computer
  • Execute procmon.exe again and save resulting boot log files
  • Upload files to our FTP server: https://support.avast.com/en-us/article/160/

Thank you


Offline Turnip

  • Jr. Member
  • **
  • Posts: 61
Re: windows security (windows defender) turning on
« Reply #17 on: March 03, 2020, 06:04:20 PM »
When you say restart or is it shutdown and reboot

Do i need to check mark in Generate Thread profiling events See Attachment
 
Avast Premium version 20.10.2442  Build 20.10.5824.618
Avast Secure browser version 86.1.6938.199
Chrome browser version 87.0.4280.88
Microsoft windows 10 pro 64 bit Version 20H2  OS Build 19042.685

Offline Turnip

  • Jr. Member
  • **
  • Posts: 61
Re: windows security (windows defender) turning on
« Reply #18 on: March 03, 2020, 07:27:23 PM »
Ran procmon.exe as an administrator and Enable Bootlogging

Restarted computer

Execute procmon.exe saved bog log files.

Downloaded 7-Zip  created  the compressed archive.

Downloaded WinSCP  all seemed to go okay.
But at last step I get an error
Avast Premium version 20.10.2442  Build 20.10.5824.618
Avast Secure browser version 86.1.6938.199
Chrome browser version 87.0.4280.88
Microsoft windows 10 pro 64 bit Version 20H2  OS Build 19042.685

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: windows security (windows defender) turning on
« Reply #19 on: March 04, 2020, 05:44:40 AM »
Hi, you need to switch to "incoming" directory on the FTP server.
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Spec8472

  • Avast team
  • Sr. Member
  • *
  • Posts: 297
Re: windows security (windows defender) turning on
« Reply #20 on: March 04, 2020, 08:39:17 AM »
Hi Turnip,

yes enable thread profiling events please, use the "every second" option. Also, please follow Asyn's advice and upload the files into "Incoming" FTP folder.

Thanks

Offline Turnip

  • Jr. Member
  • **
  • Posts: 61
Re: windows security (windows defender) turning on
« Reply #21 on: March 04, 2020, 10:40:46 AM »
Hi Turnip,

yes enable thread profiling events please, use the "every second" option. Also, please follow Asyn's advice and upload the files into "Incoming" FTP folder.

Thanks
HI Spec8472

Have sent.
Hi, you need to switch to "incoming" directory on the FTP server.

Thanks Asyn much appreciated.
Avast Premium version 20.10.2442  Build 20.10.5824.618
Avast Secure browser version 86.1.6938.199
Chrome browser version 87.0.4280.88
Microsoft windows 10 pro 64 bit Version 20H2  OS Build 19042.685

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: windows security (windows defender) turning on
« Reply #22 on: March 04, 2020, 10:48:33 AM »
You're welcome.
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Spec8472

  • Avast team
  • Sr. Member
  • *
  • Posts: 297
Re: windows security (windows defender) turning on
« Reply #23 on: March 04, 2020, 01:09:29 PM »
Hi Turnip,

thanks for the boot log. I have checked it and it is clear now that the delay is caused by huge kernel CI (code integrity)  processing, which is triggered, when process AvastSvc.exe tries to load a .dll. The .dll has an embedded signature, but system is trying to parse all system catalogs (.cat) file to validate the signature of the .dll file, which is strange. There might be a problem with authenticode signatures of some  .dll files.


Offline Turnip

  • Jr. Member
  • **
  • Posts: 61
Re: windows security (windows defender) turning on
« Reply #24 on: March 04, 2020, 01:41:24 PM »
Hi Spec8472

How do I go about checking  signatures of dll files.

I ran sfc/scannow   Windows resource protection did not find any integrity violations.
Avast Premium version 20.10.2442  Build 20.10.5824.618
Avast Secure browser version 86.1.6938.199
Chrome browser version 87.0.4280.88
Microsoft windows 10 pro 64 bit Version 20H2  OS Build 19042.685

Offline Spec8472

  • Avast team
  • Sr. Member
  • *
  • Posts: 297
Re: windows security (windows defender) turning on
« Reply #25 on: March 04, 2020, 01:58:31 PM »
No need to check integrity of system files. The problem is with load of our language base.dll. I am able to reproduce the issue now. Thank you.

Offline Turnip

  • Jr. Member
  • **
  • Posts: 61
Re: windows security (windows defender) turning on
« Reply #26 on: March 04, 2020, 02:41:08 PM »
Cheers Thanks :)
Avast Premium version 20.10.2442  Build 20.10.5824.618
Avast Secure browser version 86.1.6938.199
Chrome browser version 87.0.4280.88
Microsoft windows 10 pro 64 bit Version 20H2  OS Build 19042.685