Author Topic: 4.8 and windows firewall.  (Read 16906 times)

0 Members and 1 Guest are viewing this topic.

avastment

  • Guest
4.8 and windows firewall.
« on: April 05, 2009, 09:20:37 PM »
About 2 hours ago I was using AVG free for many years with Firefox.
Started having a problem with either Firefox, avg free or something else when clicking on a link after doing a search and coming up with first seeing link in address bar and before page loaded it switch to another link though it was an advertsing link.  to go to my choice link I had to click back button.
I did a AVG full scan yesterday and it only turned up 4 cookies which I deleted.
So I tried Malwarebytes and it turned these which I deleted.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.

then got to thinking after looking at Mozilla forum to switch to Avast.
I ran avast and after about 40 minutes no viruses nothing.
Prior to Avast I completly removed everything to do with AVG.

So I go to my windows firewall and see AVG files about 7 are all there and checked.  So I delete all of them.
Question is do I add all *.exe Avast files to Windows firewall with a check mark for each or which ones?

Oh and to get to this forum I was first redirected to some advertising site then had to hit back button to get here.


avastment

  • Guest
Re: 4.8 and windows firewall.
« Reply #1 on: April 05, 2009, 09:31:18 PM »
I'm doing a little testing with my Google search bar.
If I type in cnet and hit return
there is cnet.com as top link.
so I click on it.

In search bar I see cnet.com and then address by it self changes to
http://www.newser.com/?utm_source=ask&utm_medium=cpc&utm_campaign=news
or this one in doing a search for avast home.
http://www.stopzilla.com/products/stopzilla/landing.do?aid=10192&cid=spyware

Why is this happening?

I'm going to try it now with my Yahoo search bar.

avastment

  • Guest
Re: 4.8 and windows firewall.
« Reply #2 on: April 05, 2009, 09:34:25 PM »
same thing with Yahoo search.
I click link that looks authentic another advertising site pops up and then hitting back button either takes be to what I want or I can't exit out of site without closing it.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86684
  • No support PMs thanks
Re: 4.8 and windows firewall.
« Reply #3 on: April 05, 2009, 09:40:17 PM »
The windows (XP) firewall doesn't monitor outbound connections so you probably don't have to add any.

However the only files that require internet access are avast.setup (the avast update process), the ashWebSv.exe (web shield) and ashMaiSv.exe (the Internet Mail provider POP3/SMTP email scanner).

Based on those file references not being removed there may be other remnants - AVG8 Remover, download tool from here, http://www.grisoft.com/ww.download-tools there is a 32bit and 64 bit windows version, ensure you use the correct one.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86684
  • No support PMs thanks
Re: 4.8 and windows firewall.
« Reply #4 on: April 05, 2009, 09:45:02 PM »
same thing with Yahoo search.
I click link that looks authentic another advertising site pops up and then hitting back button either takes be to what I want or I can't exit out of site without closing it.

I would have though that MABM would have found this search hijack, but you could also try SAS - SUPERantispyware On-Demand only in free version.

Try running MBAM and SAS from safe mode with your browsers closed.

Check this out, if the above don't resolve it.
- Firefox popping up ads and or google search redirects.
Please download GooredFix and save it to your Desktop. - Double-click Goored.exe to run it. - Select 1. Find Goored (no fix) by typing 1 and pressing Enter. - A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called Goored.txt). - Note: Do not run Option #2 yet.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

avastment

  • Guest
Re: 4.8 and windows firewall.
« Reply #5 on: April 05, 2009, 10:04:44 PM »
OK.  I've done a lot here and will have to leave soon it's like 1pm here in California. so later. 

I turned Windows firewall back on and added ashwebsv.exe and ashmaisv.exe however could not find avast.setup?

I downloaded that file to remove all of AVG and was not instructed to reboot so I went to next.

Goor

GooredFix v1.92 by jpshortstuff
Log created at 12:59 on 05/04/2009 running Option #1 (jaisen)
Firefox version 3.0.8 (en-US)

=====Suspect Goored Entries=====

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.8\extensions]
"Plugins"="C:\Program Files\Mozilla Firefox\plugins"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.8\extensions]
"Components"="C:\Program Files\Mozilla Firefox\components"

One last thing I tried to update AVAST and got this message

Information about current update:
Last encountered error: The package is broken.

Total time: 1:48

What should broken imply to me?

thanks.


Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86684
  • No support PMs thanks
Re: 4.8 and windows firewall.
« Reply #6 on: April 06, 2009, 12:03:16 AM »
The avast.setup file used to be a temporary file created when the update proceeded, but it should be in the C:\Program Files\Alwil Software\Avast4\Setup folder.

OK, hopefully that has cleared any avg remnants, if any.

The Goored is clear as no suspect entries, so that is another down.

I would say just what it says some part of the update process is broken, this could be a partial install failure, which could be due to remnants of avg.

Try a repair of avast. Add Remove programs, select 'avast! Anti-Virus,' click the Change/Remove button and scroll down to Repair, click next and follow.

If that doesn't work try, uninstall, reboot, install, reboot.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

avastment

  • Guest
Re: 4.8 and windows firewall.
« Reply #7 on: April 06, 2009, 02:01:35 AM »
I found avast.setup where you said it would be and where it was had I opened all file extensions in setup dll.  It along with 3 other AV files are checked in windows firewall.

I uninstalled, restarted, installed, restarted using same Reg # and it appears as I have to once again do a scan.  However I thought let me see if I can update and tried and got same package broken report. I put some * in one location to hide my name.


Below is from log.

05.04.2009 16:54:13 general: Started: 05.04.2009, 16:54:13
05.04.2009 16:54:13 general: Running setup_av_pro-537 (1335)
05.04.2009 16:54:13 system: Operating system: WindowsXP ver 5.1, build 2600, sp 3.0 [Service Pack 3]
05.04.2009 16:54:13 system: Memory: 26% load. Phys:1545268/2096360K free, Page:3611660/4038308K free, Virt:2069356/2097024K free
05.04.2009 16:54:13 system: Computer WinName: INSPIRON
05.04.2009 16:54:13 system: Windows Net User: INSPIRON\jaisen
05.04.2009 16:54:13 general: Cmdline: /downloadpkgs /noreboot /updatevps /silent /progress 
05.04.2009 16:54:13 general: DldSrc set to inet
05.04.2009 16:54:13 general: Operation set to INST_OP_UPDATE_GET_PACKAGES
05.04.2009 16:54:13 general: Old version: 537 (1335)
05.04.2009 16:54:13 registry: Deleted registry: Software\Alwil Software\Avast\4.0\UpdateReady
05.04.2009 16:54:14 system: Using temp: C:\DOCUME~1\******~1\LOCALS~1\Temp\_av_proI.tm~a01748 (28474M free)
05.04.2009 16:54:14 general: SGW32P::CheckIfInstalled set m_bAlreadyInstalled to 1
05.04.2009 16:54:14 internet: SYNCER: Agent=Syncer/4.80 (av_pro-1335;p)
05.04.2009 16:54:14 system: Computer DnsName: INSPIRON
05.04.2009 16:54:14 system: Computer Ip Addr: 75.213.117.185
05.04.2009 16:54:14 system: Installed in: C:\Program Files\Alwil Software\Avast4 (28474M free)
05.04.2009 16:54:14 internet: SYNCER: Type: use IE settings
05.04.2009 16:54:14 internet: SYNCER: Auth: another authentication, use WinInet
05.04.2009 16:54:14 package: Part prg_av_pro-537 is installed
05.04.2009 16:54:14 package: Part vps-9031900 is installed
05.04.2009 16:54:14 package: Part news-4e is installed
05.04.2009 16:54:14 package: Part setup_av_pro-537 is installed
05.04.2009 16:54:14 package: Part jrog-e0 is installed
05.04.2009 16:54:14 general: Old version: 537 (1335)
05.04.2009 16:54:14 general: GUID: 3f90d82e-dfd9-47d8-942f-f5c585aa60d7
05.04.2009 16:54:14 general: Server definition(s) loaded for 'main': 229 (maintenance:0)
05.04.2009 16:54:14 general: SelectCurrent: selected server 'Download730 AVAST Server' from 'main'
05.04.2009 16:54:14 internet: SYNCER: Type: use IE settings
05.04.2009 16:54:14 internet: SYNCER: Auth: another authentication, use WinInet
05.04.2009 16:54:14 general: Entered SetupProcessPro::Do( INST_OP_UPDATE_GET_PACKAGES )
05.04.2009 16:54:14 general: Entered SetupProcessWin32Avast::Do( INST_OP_UPDATE_GET_PACKAGES )
05.04.2009 16:54:14 general: Entered SetupProcessWin32::Do( INST_OP_UPDATE_GET_PACKAGES )
05.04.2009 16:54:14 general: Entered SetupProcess::Do( INST_OP_UPDATE_GET_PACKAGES )
05.04.2009 16:54:14 general: progress thread start
05.04.2009 16:54:14 internet: SYNCER: Agent=Syncer/4.80 (av_pro-1335;f)
05.04.2009 16:54:36 internet: Used server: http://download730.avast.com/iavs4x
05.04.2009 16:54:36 package: Download servers.def, servers.def.vpu failed with error 0x20000011.
05.04.2009 16:54:51 internet: Used server: http://download730.avast.com/iavs4x
05.04.2009 16:55:12 internet: Used server: http://download730.avast.com/iavs4x
05.04.2009 16:55:12 file: GetFileWithRetry: servers.def downloaded .
05.04.2009 16:55:12 file: GetNewerStampedFile:DSA_FileVerify(C:\DOCUME~1\******~1\LOCALS~1\Temp\_av_proI.tm~a01748\onefile), error: 0x2000000B
05.04.2009 16:55:12 package: Tried to download servers.def but failed with error 0x20000011.
05.04.2009 16:55:12 package: LoadAllDefs failed 0x20000011
05.04.2009 16:55:12 general: Err:The package is broken
« Last Edit: April 06, 2009, 02:10:02 AM by avastment »

avastment

  • Guest
Re: 4.8 and windows firewall.
« Reply #8 on: April 06, 2009, 02:25:53 AM »
i read this in a forum though it did not help.

I'm on UM175 VZ broadband did below tried to update and got package broken.

Oh, I typed into yahoo search bar broken avast package and was taken to an advertising site and I had to click back to get to below Avast form question and answer.

Had the same problem Package broken etc. etc... , found in settings > update connections> a tick box that said "My Computer is permanently connected to the Internet" since I am on dsl I figure to click that  ..... and lo and behold no more Broken packages

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86684
  • No support PMs thanks
Re: 4.8 and windows firewall.
« Reply #9 on: April 06, 2009, 02:46:48 AM »
Thanks for the update (excuse the pun) glad that you now have it sorted.

Welcome to the forums.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

avastment

  • Guest
Re: 4.8 and windows firewall.
« Reply #10 on: April 06, 2009, 05:14:13 AM »
I don't have it fixed.

"Had the same problem Package broken etc. etc... , found in settings > update connections> a tick box that said "My Computer is permanently connected to the Internet" since I am on dsl I figure to click that  ..... and lo and behold no more Broken packages"

above is from some one else in this form and I tried it.  Did not work.

avastment

  • Guest
Re: 4.8 and windows firewall.
« Reply #11 on: April 06, 2009, 08:07:01 AM »
"Had the same problem Package broken etc. etc... , found in settings > update connections> a tick box that said "My Computer is permanently connected to the Internet" since I am on dsl I figure to click that  ..... and lo and behold no more Broken packages"

There is more to above than what it says.  This is from another forum user.
What is missing is
yes click on update connections,and click computer is permanently connected to internet.
I am using a UM175 VZ modem which I guess is permanently connected to internet when I turn my computer on
However,  You have to click on proxy box
and click direct connection option.

This allowed me to update not only virus but Avast program too.   Oh so easy.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86684
  • No support PMs thanks
Re: 4.8 and windows firewall.
« Reply #12 on: April 06, 2009, 02:48:41 PM »
You never did say if you ran the avg8 uninstall tool I gave the link for ?

What your modem if isn't an issue it is the type of connection, broadband, DSL or Cable are all permanent connections, Dial-up is blatantly obvious so if you aren't using that then you are permanently connected.

Your proxy setting is by default set to 'Auto Detect (use Internet Explorer settings),' this for the most part is fine foe the greatest majority, but for some it doesn't (why I don't know). You seem to have been one of the unfortunate few and Changing it to no proxy has worked.

Now! you are sorted ;D
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

avastment

  • Guest
Re: 4.8 and windows firewall.
« Reply #13 on: April 06, 2009, 04:11:48 PM »
I used avgremove you suggested to me.  AVG is gone.

As for being sorted and being a user of Avast for less than 24 hours I have a suggestion or two.

So last night, it is now Monday morning, I thought why not do a VRDB thing.  So I click start and you i ball went around, around, around and kept going for about 35 minutes when it got to be like really late so I stopped it.
Suggestion 1 would be some sort of moving bar showing progress in percent or numbers or something with time remaining or something or an automatic shutdown of my computer.
Suggestion 2 are skins.  They could better in colors, boxes, white spaces. 

and lastly I still have problem with google and yahoo search bars being a new term for me Hijacked.  There are others with this problem and no real answer other than doing a Hijack test, copying log and posting it for someone else to look at. 
There has to be another way.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67241
Re: 4.8 and windows firewall.
« Reply #14 on: April 06, 2009, 04:24:07 PM »
avastment, both VRDB and skins will be dropped in next avast version. The first, due to lack of usage nowadays.
The best things in life are free.