Avast! is broken, unfixable, uninstallable, and interfering w/everything

I had an infection with XP Home Security 2011 and managed to get rid of it, but it seems that things are still broken, but I think it all comes down to avast! Whenever I open a new tab in IE or Chrome, it takes forever for it to allow me to get to my first web page. AvastSvc.exe is taking 100% CPU, but if I try to repair avast! (through the Add/Remove Program applet) the dialogue that pops up just hangs on “installing software”. I tried downloading a new copy and was told that I had to wait until it finished updating. I am so stuck now.

if not already done…

Check for malware with this

Malwarebytes Anti-Malware 1.50.1 http://filehippo.com/download_malwarebytes_anti_malware/
always update so you have the latest signatures before you scan
click on the remove selected button to quarantine anything found

you may post the scan log here if anything is found…

If still problems you may need to reinstall avast
Uninstall utility http://www.avast.com/en-no/uninstall-utility

I would suggest a clean reinstall:

  • Download the latest version of avast, 6.0.1125 http://www.avast.com/free-antivirus-download and save it to your HDD, somewhere you can find it again (if you didn’t save your last download). Use that when you reinstall.

  • Download the avast! Uninstall Utility, aswClear.exe find it here and save it to your HDD (it has uninstall tools for both 5.x and 6.0.x).

    1. Now uninstall avast! (using add remove programs, if you can’t do that start from the next step), reboot.- 2. run the avast! Uninstall Utility from safe mode, first for 5.x if previously installed and then for 6.0, once complete reboot into normal mode.- 3. install the latest version, reboot.

Looks like uninstalling in safe mode was the answer. I tried a repair which was allowed to run to completion but didn’t fix anything. I’ve uninstalled it, then reinstalled it in normal mode, and my browsers are allowed to function and avast! is running and not hogging the CPU. 'Pity it didn’t keep my settings.

Thanks.

You know, one of these days, I’m going to meet a virus writer, and I’m going to make him pay for not just his sins, but all of those of his peers. Watch for me on 60 Minutes.

You’re welcome.

BTW, should I be concerned that avast! didn’t pick up on this? As soon as I was infected, I rebooted and did a boot-time scan, which did not pick this one up.

Not unduly as no single application will detect 100% and there are new variants spawned very quickly, so it is a game of catch up. But these rogue/fake AVs/security alerts aren’t initially malicious, they are just throwing up pop-ups to scar the pants of a user.

They normally require a degree of complicity on the part of the user, e.g. clicking on a button or even the window (or even the X close top right of the window) as that triggers the download/installation of the malware proper.

Should a user get any such pop-up they have to exercise some common sense and restraint, how would they know my system is infected, etc. (they can’t, its a scam). Now the best action is to open the Task Manager and close all instances of your browser, avoiding any contact with the pop-up.

The browser you choose will also help against this, these are normally from hacked sites that redirect to a malicious site (cross site scripting) to run any pop-up, download, installation. Firefox with the NoScript add-on goes a long way to prevent this as does another add-on RequestPolicy, a more detailed cross site scripting blocker than what NoScript has by default.

Having MalwareBytes AntiMalware (MBAM) Pro (a paid option, one off fee) would also help as it is generally very hot on these as is is more of a specialised application. Before it changed its name it was called RougeRemover. The pro-active measures mentioned above would mean that you don’t absolutely need the MBAM Pro version.