Blue screen-sand box

[patt]

My free avast is 7.0.1426 /120506-0

Recently, I run some programs (eg. MetaStock from www.equis.com)  and get some message on the blue screen.  With that message I misunderstood that the blue screen happened from corrupted program file.  I reinstalled the program several times but the blue screen still happened any time I ran the program.  Since the blue screen might be related to virus/malware (my misunderstood  again) , so I ran the ComboFix.   I installed-reinstalled the program couple times, but the blue screen still there.  Several hours passed until I search thru net and realised that the blue scrren comes from Avast sandbox.

1 How to set avast to turn on protection automatically any time when computer is turn on?  It was auto turn on before I ran ComboFix but now I have to start Avast manually?

2 Could we set sandbox to auto and give us a warning of suspicious program instead of showing up blue screen with message and let any novice user (like me) must guess how to fix it?

Thanks

[AntiVirusASeT]

the blue pop up ur getting is the auto analysis by avast. it either ends the analysis by terminating ur suspicious program and stating that it cannot decide if the program is malware, use it with caution. or ends the analysis by terminating the program stating it is indeed malicious (this occurs rarely, i have yet to see it but i know that theres such a thing from avast developers)

IF and ONLY if ur sure that the unknown program is 100% safe, please select 'open normally' in the drop down box after from the blue pop up after analysis.

Note: u SHOULD never run ComboFix without expert supervision...u could potentially damage ur operating system.

as to No.1 qn, how did u turn off avast? is ComboFix capable of turning off antiviruses? (i m not sure about Combofix...cus i m not an expert and will never touch such tools without someone guiding me)

nevertheless, i suggest u try turning on avast via msconfig...follow the screenshot.
after which, turn on avast self protection...follow screenshot.

[AntiVirusASeT]

3rd screenshot

[patt]

Thanks for your advice.

The only thing I can do when blue screen (with message) shows up is to reset the computer.  The message says something about load page and etc.,  the last message sentence says about memory dumb with number running.

Refer to the sample screenshot (#1-3).  I found Avast Antivirus on Services tab (already ticked) but there is no Avast in Startup tab.   The "enable Avast! seld-defense module"  in Troubleshooting  is already ticked.

I use ComboFix because I misunderstood that the blue screen was virus/malwares and have no idea how to fix it.   Avast was disabled (by me) when I ran the ComboFix. During the cleaning process, it might erase Avast start up file.  FYI .... I  ran the Combofix on both desktop and notebook, but  the Avast on notebook works properly.

[AntiVirusASeT]

2 Could we set sandbox to auto and give us a warning of suspicious program instead of showing up blue screen with message and let any novice user (like me) must guess how to fix it?

wait, i am confused now, the blue screen ur refering to is it BSOD? (blue screen of death)?
eg. http://www.google.com.sg/imgres?q=BSOD&hl=en&sa=X&biw=1366&bih=681&tbm=isch&prmd=imvns&tbnid=FT16spvqX-qqjM:&imgrefurl=http://forums.techguy.org/general-security/1044511-bsod-ibm-thinkpad-laptop.html&docid=D9rbrQzRIF75-M&imgurl=http://i35.photobucket.com/albums/d183/AustrAlien_1952/Computer%252520Support/bsod_c.jpg&w=621&h=428&ei=LbunT7nuNdHqrQfA2LnsAQ&zoom=1&iact=hc&vpx=1054&vpy=310&dur=3465&hovh=186&hovw=271&tx=131&ty=94&sig=116217175735544664484&page=3&tbnh=139&tbnw=202&start=38&ndsp=20&ved=1t:429,r:14,s:38,i:253

if it is BSOD, does it only occur when u use that particular program u mentioned?
do u have any other security programs installed on ur system?

[patt]

Yes, It is like the picture in the link,  just realised it is called BSOD.

BSOD occured on some programs eg. MetaStock (see my first post). I also have Sunbelt personnel firewall, and Spybot Search& Destroy on the computer. All of the programs including your Avast have been working properly for years without crashing.

When Avast sandbox is introduced, some warning messages pop up frequently, so I might turn off auto sandbox just to close the warning permanently without knowing what it was.

[AntiVirusASeT]

since u turned off autosandbox, it should not be the cause of the BSODs

what is ur system specs? eg. windows 7 service pack 1, 32bit

ur security programs should not conflict with avast it seems...

since theres BSOD occuring on ur system, i recommend a complete uninstallation of avast

1. Download a fresh Avast! 7 package from http://www.avast.com/free-antivirus-download (to reduce chance of corrupted install)
2. uninstalling Avast! the normal way with windows
3. run Avast! uninstall utility http://www.avast.com/uninstall-utility (please do it in SAFE MODE!   )
4. run the uninstall utility 1st time for Avast! 7
5. reboot and go into safe mode once more, second time for Avast! 6 (this is if u have updated to Avast! 7 from Avast! 6)
6. reboot again, this time to normal windows mode
7. install the fresh package

hopefully this solves the BSOD. if not, please upload the mini dump file to ftp://ftp.avast.com/incoming for Avast! team to check it out
note: mini dump file can be found in  \Windows\Minidump. please state ur drive (eg. C:) before the '\'

on the side note: Sunbelt personnel firewall is discontinued. source: http://www.sunbeltsoftware.com/Home-Home-Office/Sunbelt-Personal-Firewall/
                             Spybot Search & Destroy has high resource usage and is not effective at malware removal. source: http://en.wikipedia.org/wiki/Spybot_%E2%80%93_Search_%26_Destroy

u might want to uninstall both of these programs and just use windows firewall with malwarebytes as an on-demand scanner (http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button)

do note that if ur using windows xp u should update it to at least service pack 2. anything before that has major security flaws.

[patt]

I may not explain the problem clearly.  Let me says in chronological order:

1  Avast introduced Sandbox protection, I turned AutoSandbox off since it showed many pop up warnings. All programs still working properly.
2   Yesterday, I open some programs (eg. MetaStock) and found BSOD.  I misunderstood that the program was corrupted.
3  I reinstalled the program but the BSOD still showed up.  Then I ran ComboFix  to solve the unknown virus/malwares.
4  The BSOD still showed up when I open the program.  I searched thru the net and found Avast sandbox can cause ""blue screen".   Then I open Avast and find Auto Sandbox was enabled (I didn't turn it on).
5  I turned off the AutoSandbox, no BSOD apperard and the program ran smoothly as usual.  But I noticed Avast didn't start protection when I turn on computer, I must turn Avast on manually.
6  I posted in here to ask some help (as in the first post).

Should I reinstall the Avast, please let me know.  Thanks for your patience.
ps. I am using  xp sp.3

[AntiVirusASeT]

hmm, ok, now i understand that autosandbox is causing the BSOD.

ignoring the autosandbox problem 1st, lets try to solve the problem of avast not starting up with windows.

method 1. try a repair on avast: go to add/remove programs (the place where u normally uninstall programs) -> select avast. at this point, avast uninstaller should run and provide u with the options of update/change/repair/uninstall. select repair and allow it to do its job. after which, restart to see if avast startup with windows.

method 2. do a complete reinstall of avast following the steps i stated in my previous post.

as for autosandbox causing BSOD with some programs, only Avast! team people can help u on this but u can start by uploading the mini dump file to ftp://ftp.avast.com/incoming for Avast! team to check it out
note: mini dump file can be found in  \Windows\Minidump. please state ur drive (eg. C:) before the '\'

meanwhile, switch off autosandbox in avast and wait for them to reply u.

 

[patt]

Your Method#1 (repair) is ok.  Avast gets back to work when computer starts.
I Will locate the  \WINDOWS\Minidump  and send file via ftp as your suggestion.


really appreciate your help