Real-time shields "off" even though all are running?

[luke123]

Hi, all

When I turned on my notebook today, I noticed in Avast's summary section that real-time shields were "off". This was odd as I always left the shields running. When I then checked each shield individually, all was shown to be "running", even though I didn't press the "Fix" button under summary. Very strange...

As my last computer session was done using Wi-Fi, I became concerned and immediately ran Avast (including a boot-time scan with high heuristics) and two other anti-virus/trojan programs, but there was no sign of any infection.

Incidentally, avast's real-time shield status became "secured" again after the scan was completed.

Could this have been a fluke/software bug, or was my computer hacked?

All feedback welcome!

Thx.

[DavidR]

I rather doubt your computer was hacked, as you say the shields were running and nothing was found on the boot-time scan.

[MayuraDeSilva]

Do you use several anti-virus softwares? What else do you use as on-demand?

Conflicts may occur if you have two or more AV softwares...

Cheers...

[luke123]

As my last computer session was done using Wi-Fi

I'd add that it was an unencrypted public Wi-Fi network which, in hindsight, could've been spoofed. (Yes, very careless of me...) Windows XP's built-in firewall was also found to be off after the Wi-Fi session.

ran Avast (including a boot-time scan with high heuristics) and two other anti-virus/trojan programs, but there was no sign of any infection.

I used Malwarebytes Anti-Malware and a2 Emergency Kit to scan the computer manually and sequentially. I only have one anti-virus program (Avast) on at any given time.

[MayuraDeSilva]

Did it happen again? Why don't you try clean installation?

Cheers...

[SafeSurf]

Incidentally, avast's real-time shield status became "secured" again after the scan was completed.

I rather doubt your computer was hacked, as you say the shields were running and nothing was found on the boot-time scan.

I'd add that it was an unencrypted public Wi-Fi network which, in hindsight, could've been spoofed. (Yes, very careless of me...) Windows XP's built-in firewall was also found to be off after the Wi-Fi session.

Did it happen again? Why don't you try clean installation?

I think the OP realized that using an unencrypted public WiFi was an unintentional mistake and most likely will not repeat this.  A clean installation would not be the first choice solution at this time to trouble shoot since the boot-scan came out clean.

[RejZoR]

It happened to me few times before. It's usually on startup only and it gets fixed if you stop the shields and start them right away. This will reset the status and everything will be fine. I have no clue why this sometimes happens.

[SafeSurf]

@ RejZoR,

Did you try a Repair or do you have some bugs crawling in your machine. 

[RejZoR]

There were no bugs on my system, just in avast! apparently. I never really traced the problem as it was gone by itself after some time. Not sure why or how.

[luke123]

Thanks for all your feedback.

Trying to use this event as a learning opportunity, I wonder if I may put the follow queries to those in the know. Suppose a notebook/Avast user stumbles into and unwittingly becomes connected to someone's "trap" Wi-Fi network, how difficult would it be for the intruder to turn off the user's (a) Avast real-time shields and (b) built-in Windows firewall, and how long would it take to accomplish these two tasks?

Thinking positively, is there any defense against such intrusion in this hypothetical circumstance? For instance, would the Zonealarm firewall be an effective guard, esp. against an attempt to turn it off?

Thanks again!

[SafeSurf]

There have been issues with ZA FW in the past, but these issues have been resolved with Avast's recent version, however if ZA changes their version or update, this may obviously affect things.  I can say many users with previous problems with ZA FW here on the forum opted to change FW's because of ZA. 

Depending on your third-party FW, you may/may not be able to also run Windows FW with it at the same time.  Some third-party FW's are disabled by it.  AIS (Avast Internet Security) allows both to run at the same time, which is unusual, but I'm not sure if ZA also allows this.

I think the situation when you mentioned going to the public WiFi and not being encrypted was your only honest mistake and this may have lead to a possible leak (assuming you keep it locked at home).  I would suggest changing passwords just in case.

How are things running now?