Avast keeps giving error message about unable to connect to update site.

Hi, I am running windows xp pro with service pack 3, Avast home edition , I think 4.6 or something like that. For the last 3 days I keep getting the red error box that states that avast could not connect to the update site. When I try to go directly to the Avast website it will never load. I can browse to other antivirus websites without any problem. ran Malwarbytes but turned up nothing, scandisk the same nothing. cleared all temp files and cookies still nothing. computer does not act like it has a virus at least nothing that I’ve tryed so far indicates that it does but I think it has something playing games with it. anyone have any Idea as to what in the world is going on? I know it is with my box as I can access Avast website just fine on the computer at work. even tryed disableing the firewll but no joy.

avast is on version 4.8 (not 4.6).
Are you using Windows Defender? Can you scan your computer with it? Maybe the problem is on hosts file…
Which is your firewall?

No not using widows defender, Right now it is just on the windows firewall I was running comodo which is the one that I turned off thinking that it was causing the problem. Whatever it is is just affecting avasts ability to update itself and my browser from going to the avast site. Both Ie8 and firefox

I suggest (you can skip the steps you’ve already done):

  1. Clean your temporary files.
  2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  3. Use MBAM (or SUPERantispyware or even Spyware Terminator) to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
  4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
  6. Clean your Hosts file (replacing it) with HostsMan tool.
  7. Disable System Restore and then reenable it again.
  8. Immunize your system with SpywareBlaster.
  9. Check if you have insecure applications with Secunia Software Inspector.

Be sure that Comodo is completely removed from your computer, the firewall and the antivirus part.

It’s me again, I went home at lunch and after realizing that when I ran malwarebytes I ran it under normal windows, I restarted the computer in safe mode and turned off system restore and re ran malwarebytes and it found some sort of Trojan that was blocking my access to the updates as well as the avast web site. 4 files total. I quarantined them and restarted with a boottime virus scan from avast all came back clean attempted to access the avast website with both browsers all OK now, ran avast updates without anymore problems as well. All is good now. when I get home I will run a few more scans just to make sure. I will post the malwarebytes log as well. Perhaps this may help somebody down the road. Thanks Dan J.

You’re welcome. Feel free to come back any time you need help or just to change experiences 8)

Here is the malware data that I said that I would post. this is what was found and removed.

Malwarebytes’ Anti-Malware 1.39
Database version: 2421
Windows 5.1.2600 Service Pack 3

7/31/2009 12:48:16 PM
mbam-log-2009-07-31 (12-48-16).txt

Scan type: Quick Scan
Objects scanned: 126824
Time elapsed: 10 minute(s), 52 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
C:\WINDOWS\system32\NetFilter.exe (Trojan.Agent) → Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msdrv (Trojan.Agent) → Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) → Bad: (1) Good: (0) → Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\NetFilter.exe (Trojan.Agent) → Quarantined and deleted successfully.