Avast 5 shields down again and again

Hello! I’ve already sent you (ftp) some tmp files concerning Avast’s shields going off for no reason, but got no reply. Is there any other way I can send them to you to review them and see what’s the reason for this problem? Please. :slight_smile:

Igor, Vlk…?

What was the exact filename you uploaded?

 03/11/2010  04:25 AM            65,536 Mini031010-01.dmp
 for machine OS: [i]Windows 2000 Kernel Version 2195 (Service Pack 4) UP Free x86 compatible[/i]

if so, I guess we’ll need a kernelmode dump… :-
also please download http://public.avast.com/~kurtin/gflags.exe and enable “pool tagging” (see pic: http://public.avast.com/~kurtin/gflags.png) and reboot your machine.

Thanks.

hmmmm, probably it’s not your minidump (you’re using XP according to your signature) – so when did you upload it? 03/07/10? can’t see it there…

The file name is “Bellzemos-log.rar” and I’ve uploaded it on 24th of February.

I have looked at the dumps. They are, unfortunately, “heap corruption” type of problems, which are technically impossible to properly analyse from such dumps.

However, if the problem is reproducible on your system, we may try to set up a “trap”.
Download the gflags utility from pk’s post, and use it like this (from the command line):

gflags -p /enable AvastSvc.exe /full

Then reboot the computer, and watch for the problem to occur again.

Thanks
Vlk

I don’t know what is “heap corruption”, but nevermind. :slight_smile:

When I use the gflags utility and reboot, I have to wait for the shileds to go down again and then? Will the next dump be readable or which file do I have to send you?

Yes, the new dump should contain more information that should lead us to the cause of the problem (hopefully).

Thanks
Vlk

OK, I’ll do that tomorrow and then send you the dump. Thank you!

I did as you said: I downloaded “gflags.exe” to my C: drive (root) and enabled “pool taging”.
Then I typed in as you said but with no sucess - here’s what’s happened:

http://www.shrani.si/f/F/13i/22gT8jkk/jeba.jpg

Perhaps you need disable the avast self-defence module first, avast Settings, Troubleshooting, try that if you didn’t already do that.

David is right, apologies for not saying that earlier. Self defense will need to be disabled before you can use gflags on AvastSvc.exe.

Thanks
Vlk

No, I didn’t do that. I will try again later and post the situation here. Thank you.

OK, I did as you said and here’s what happened:

http://www.shrani.si/f/1G/om/1H5VU1UF/flufo.jpg

I don’t have time to sit down and wait for the shields to go down again (that’s my brother’s PC, I’m still using 4.8 on mine), but “gflags.exe” will check for the problems even after a 2nd or 3rd boot of the PC, right? So, when I see some files in the LOG folder (maybe tomorrow) I’ll post them to you.

Hm, since I disabled Avast’s self-defense there were no problems anymore as it seems. Should I enable it or should I wait a little more?

Yes you should enable the self-defence module, it was just disabled as that was needed to be able to run the gflags command.

If I eneble self-defense, will gflags be still able to save a log when/if an error occurs?

It is just the set the markers/parameters within the existing logging settings, this I believe would require that a file has to be modified (gflags -p /enable AvastSvc.exe /full) and that was what the self-defence was blocking. Or rather it was blocking the change of an avast registry key.

That is my best guess and by no means infallible.

So I should immediatelly turn on the self-defense, right? Thank you!

I believe so, after all it is a part of your defence in protecting avast against attack.