Avast! Free Antivirus 5.1.889 locks up OEM XP Home SP2
Symptoms:
I click anything on the desktop or quicklaunch bar and the PC Freezes.
The Avast! animated icon also frozen, appears partially turned.
CTRL + ALT + DELETE does nothing. Even waited 5-10 minutes and no change.
Had to press the power button for 10 seconds to do a (hard) power off.
The only program I could run (by clicking it’s tray icon) was Avast, which I clearly recall updating late yesterday afternoon.
Temporary Solution:
I found that permanently disabling the “File System Shield” gives the temporarily solution.
Stop the animated tray icon’s yellow triangle & warning un-check: Settings, → Status Bar, → File System Shield
Notes:
I looked through several logs and see no indication of what happened, I tried using Avast’s debug with no results.
After a lot of troubleshooting, cleaning registry, and reading posts on this forum I’d thought I’d post this in-case someone else had the same difficulties.
The only software that’s been updated or changed in the past week is Avast 5.0.677 to 5.1.889.
Other installed security software: Comodo Firewall 3.5.57173.439, and SUPERAntiSpyware 4.46.1000
Thanks for the welcome.
I know what your saying, I saw a fair bit of that and it stopped me from updating from 5.0.677 earlier.
I did find a few similar posts but they seemed to be Win7 specific.
Some other posts that started to describe it but didn’t have any details or just wandered and got lost.
I had the same problem with v5.1.889 on XP. See my post about the problem here and how I installed a previous version to get around the problem until Avast is fixed. http://forum.avast.com/index.php?topic=70100.0
You seem to repeat yourself alot in everyone elses thread’s, either start up a thread of you own to solve your issues or go away and let other people get there problem’s solved without your negativity.
Um YoKenny I tried SP3 but it totaly removed the quick start and stopped all access to the internet. ???
That was 2 or 3 years back and this SP2 PC has been just fine until this Avast update.
FYI Others have had SP3 problemss too
“Many XP users, including Steve Gibson, have found that installing XP’s Service Pack 3 breaks their machines. Also, the official advice from Tech Support of this writer’s OEM (Toshiba) is not to install SP3, and they do not support it.” forums.informaction.com/viewtopic.php?f=19&t=4873
Thnks Mr twinky, I looked at the links in your link. :-
I had already tried unistalling Avast, then ran its removal tool, then cleanafterme from systeminternals then reinstalled Avast. theres a few reboots in there too.
I have the same problem as AnonAnon and the PC works with the all shields disabled.
And it also runsfine if just that top file shield is stopped and the rest below it are still on.
And after reading the links from Mr twinky, I guess I will install an older version of Avast for now.
BTW My setup is similar but my Avast AV auto-updates, I have Comodo Firewall at ver 4.1.150349.920, SuperAntiSpyware ver 4.26.1002 (I don’t run SASW too often) and Malwarebytes Anti-Malware ver 1.50.1.1100. Also Im running on old 2.2Ghz P4 home build with XP Home 2002 SP2.
I scanned the PC and looked at files and the registry all weekend and found nothing.
But when I used sysinternals RootkitRevealer it gave a one weird entry.
And I wonder if it’s the culprit for Avast to freeze the PC when “File System Shield” is enabled? :-\
Anyways I posted the screen-shot on the SysInternals RootkitRevealer forum. Search for this title: Weird null entry, Save to text file crashes RkR
Does any Avast user with the exact same problem and temp solution that I mention above have the same RootkitRevealer entry??? ???
TMAnonAnon and Decker, do you both have defense + turned on or off in comodo firewall ? try turning off and reboot, can also try uninstalling the behaviour shield in avast.
I am running g XP pro SP3 and had similar issues when after starting any application it was taking ages to load. Everything worked fine in safe mode though. I noticed that there is lots of paging in perfmon while it happens. In the end the solution was to uninstall Avast. A bit of a shame as I was using it for a good couple of years. I just spend to much time and money testing almost all the components of my PC to install Avast ever again.
yaro
do you both have defense + turned on or off in comodo firewall ?
Comodo firewall is on safe mode, I had disabled it but the PC still froze on rebooting.
Comodo Defense+ was always disabled and there's 0 files awaiting review.
uninstalling the behaviour shield
I'm not understanding, is the Behavior Shield and File System Shield conflicting somehow?
I sure I had first tried stopping the Behavior Shield, and the PC kept freezing-up.
Currently, the PC runs fine with the File System Shield stopped permanently…
I’m doubting that the weird registry found by RootkitRevealer has anything to do with this (nothing from/on their forums).
I had ignored yokennys SP3 comment, but as I recall SP3 stopped this old emachine from even booting to the desktop.
So, I just put back the disk image (I’d made just before SP3), and I never looked at SP3 since.
I’d hazard that I can assume the paid version of Avast will have the same problems?
The BhS in 5.1 seem’s to play up in some system’s causing a few conflict’s here and there so try uninstalling the shield though add remove programs, reboot and see if you can enable your file system shield as that shield is essential for your safety, the next option would be to delet avast 5.1 all together,reboot into safe mode and run the removal tool then install avast 6 beta 2.
Disabling the BhS wont work, it has to be uninstalled.
For others who might want to know how to do this, I went to WinXP’s Control Panel → Add/Remove Programs → Avast! → Change/Remove, I choose the option called “Change” → “Next”, after a moment it shows me some options and I unchecked the BhS (Behavior shield). After the BhS was uninstalled, I rebooted.
Next I opened Avast, I went to Real Time Shields and I started the File System Shield again.
Then clicked “Settings” → “Status Bar” and put back the check-mark for the File System Shield.
Everything seemed fine, so I shut down the computer and restarted it.
So far the computer seems to be working fine! :o
Thanks craigb for clarifying between disabling versus uninstalling the BhS.
Basically I went on old Gaming sites looking for a nocd file for CIV3.
I did not download anything from those sites. Yet they still infected my PC.
From the dates and time it looks like these events unfolded.
The Java 1.4xxx had a module changed, then a file called CmdLineExt.dll was dropped into Firefoxes temp folder.
(Java 1.4xx is on WinXP SP0 to SP2 but not found on SP3 or later, and it’s not the Microsoft VM Java.) ???
Anyways the CmdLineExt seemed to use something from Civ3 called SecuRom to do stuff and hide it all.
It put two random named EXE files in the temp folder and hid them.
And it placed many other files all over the PC. I think 1 file was called ati97.dll and it was identified with having a “Virusless Virus”… It also infected a couple documents on C drive.
So, it turns out it really was just my luck to have Avast update the next day & started messing up.
Unfortunately Avast didn’t stop any of it. :o
And just when I think the PC is cleared, I run a Avira and BitDefender LiveCDs and they still find stuff like “Script Trojans” and so on…
So, I’m going to wipe out that PC (I cant trust it now) and do a re-partition, followed by a disk format.
PS. I would’ve posted sooner but I had to wait for APC to send the replacement UPS, at least this older PC is still OK. (shrug)
