Avast 5 newly installed, sent 3 to chest, rebooted - system failed to initiate

I have used free Avast for years and helped a friend put it on his PC. It is the Avast 5. I did a complete scan and it found 3 threats and wanted to send them to chest, so I did. Sorry, I will get back later to try to find out exactly what they were. He is bringing his PC over later. Now, when he booted back up after turning it off last night, he said it says “system failed to initiate” and he can only see his desktop wallpaper and no icons or start bar at the bottom. I feel terrible ::slight_smile: I have helped a lot of people put Avast on their PCs and never had anything like this happen. I am suspecting that he needs those files.

I will try to provide more info later, but can anyone tell me if I should try a to restore from previous restore point or try to open Avast by using the keys and going to the chest to restore the files from there. If I have to go into safe mode, I read I can do a restore like that. Any advice would be appreciated.

I am also trying to read other posts as fast as I can. he is leaving to go out of the country in a couple of days.

Thank you.

If I were you, and if it were possible, I would go back to a restore point, this could mean that you would have to install avast! again but that’s no big deal.

Having said that, the problem could have another origin and have nothing to do with those 3 files that you sent to the virus chest.

Good luck !

Thank you! I am going to try the restore point first. Of course, I don’t mind reinstalling Avast. Will post what happens. Thank you!

why not simply boot into safe mode and go to the chest and restore those files. then reboot again. only problem will be is if it flags them again and you have the same issue. imo a restore point will prob not fix it depending on the files that were removed

Thanks zfactor…I was thinking that too…a restore might not fix the problem. This is driving me crazy not having the computer here.

My friend rebooted, got back icons on the desktop and wanted to keep his pc tonight to use skype to call his Mom and was able to use skype, but couldn’t hang up or use any other program. I just wanted to be ready when he brings it over.

I read somewhere else that people were not able to access Avast or the chest in safe mode. Also, that Avast changes the name of the file and even if I restore it it won’t work properly. Well, I guess I will find out tomorrow.

Sure hope I haven’t crashed my friend’s pc.

worst case use the hdd to acces it on another pc. go to folder options and check the show hidden files. then look for the program data folder, alwil, avast5, chest and the files should be there. you may have to change permissions on the drive to access them.

I registered an account because I just had the EXACT SAME SYMPTOMS your friend has described.

running win 7 ulti 64 here. Avast 5 free, completely up to date.

Everything was fine until I decided to reboot this afternoon, and since then I haven’t been able to get windows to boot normally unless I drop into safe mode and disable the avast antivirus services (essentially disabling the program). With the antivirus services disabled everything runs perfectly. Repairing the install has done nothing, and I’m about to try installing a fresh copy.

Near as I can tell though nothing on my machine was sent to the virus chest as I’ve had no warning about possible infections.

Files in chest are encrypted, so that’s not an option. Once the file is sent to chest it’s lost if you can’t boot afterwards.

The reinstall seemed to be working fine up until about 5 minutes ago when i tried to open winamp. As soon as I did that the entire windows UI has frozen. MSN windows i had open still function and thanks to my lcd display on my keyboard i can see the computer is still running applications in the background. I’ve just lost the ability to adjust windows, alt tab, access the start menu or tray icons etc.

I’ve run the Win7 startup diagnostics, memory checker tools, and I can get into safe mode just fine. There been no updates to my system in the last 48 hours (aside from the antivirus install i just tried of course).

Thinking back on whats happened since the Avast install winamp would be the first program ive executed since the reinstall. Everything else was already running.

Any suggestions here? I really love this AV but since I wouldn’t dare run my system without antivirus this may be the first time I’ve had to abandon Avast in…ever.

eidt: Wow ok, so I thought I’d try the troubleshooting settings for Avast. But it turns out the setting arent being saved whilst in safe mode.

edit 2: Scratch that, any and ALL settings wont save for avast in ANY case if the service isnt running. The service I have to disable just to boot into windows normally to change the settings. And cannot be started while in normal running mode (“Access is denied”).

This means I can’t try anything to narrow down my problem. This is a major inconvenience and more importantly extremely frustrating, the kind of frustrating that makes people uninstall things.

Have you tried that ?
As the chest isn’t available in safe mode as far as I’m aware the service required doesn’t run in safe mode.

Just got my friend’s PC back. Very strange that I do not see any of the symptoms yet he described. I backed all his files onto an ext hard drive. I have not had to go into safe mode.
In the chest I see the files it moved to chest. I think it said not to post stuff about false positives, but where would I find out if these are true positives? Is there somewhere I can check it out?

Here are the files:
A0164811.exe
C:\SystemVolumeInformation_restore{C9BB54BB-3D48-4EA6-9216-29AE98312B76}\RP213

A0164840.exe
C:\SystemVolumeInformation_restore{C9BB54BB-3D48-4EA6-9216-29AE98312B76}\RP214

A0164879.exe
C:\SystemVolumeInformation_restore{C9BB54BB-3D48-4EA6-9216-29AE98312B76}\RP214

sdra64.exe
C:\WINDOWS\system32

_99.tmp
C:\WINDOWS\TEMP

_97.tmp
C:\WINDOWS\TEMP

Not sure what to do.

Well there are no system files in the list, whilst sdra64.exe is in the system32 folder it isn’t a system file so isn’t an essential system file and shouldn’t be involved in any boot issues. There are however many google hits for this file relating to it being malware, so the detection appears to be correct, http://www.threatexpert.com/files/sdra64.exe.html and there is some info on that link relating to its creation of temp files but those have .exe file types.

The C:\SystemVolumeInformation folder is part of system restore and anything in there is also inert, e.g not active unless you use system restore to restore to a point in time that includes these.
Infected Restore Points - There really is little benefit in chasing a detection in the system volume information folder. It is only there because it had previously been deleted or moved from the system folders and this is a back-up created by system restore.

  • Worst case scenario it isn’t infected and you delete it, you can’t use that restore point in the future, not much of a loss and the older the restore point is the less of an issue it is.

  • So if there is any suspicion about a restore point then it is best removed from the system volume information folder or it could bite you in the rear at some point in the future when you use system restore if it included that restore point.

Files in temp folders again as they are temp shouldn’t be involved in any boot issues.

So I believe there might be something else going on on the system.
If you haven’t already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).

Don’t worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.

no never had to. still new to avast so its was a hopeful guess and suggestion. now i know. but yeah this could be very bad for someone. there imo should be some kind of failsafe restore from safe mode. that could come in VERY handy in cases like this.

Thank you DavidR!!! for all the info and links!
Found out my friend had been shutting his computer down with the power button!
I just cleaned everything up, run crap cleaner, left files in the chest, turned off alot of stuff he had in startup and I didn’t have any problems and it run faster. Started it up several times and fine. Hope that is the end of it.

Sorry because I think the problem was him shutting down like that, but I learned a lot.
Thank you!

I would like to see that you could run Avast in safe mode. But its free and I have used it for years and has been fantastic.

You’re welcome.

Power shut-downs can really be a pig as they can be responsible for file corruption and this can have serious implications.