Avast! not functioning properly

Hi I am having a problem opening avast. Well that it seems to open but it immediately goes to the task bar and I am unable to maximise it AT ALL. When the mouse hovers over the tab in the task bar the little window pops up but nothing happens after I click on it. I am only encountering this problem with Avast! – all other tabs maximise normally.

And today a Windows generated virus alert has me perplexed. I have snipped an image of the page that has been generated but I don’t know how to insert an image here and I am unsure whether this link to the image will work here hXXp://picasaweb.google.com/nicola6215/DropBox?authkey=Gv1sRgCPCw6rPW0P6vaw# This has never had this happen before as usually the Avast siren goes off which it did a few weeks ago but because I couldn’t access the control panel I ended up forgetting about that incident.

I am also running PC Tools firewall plus (windows Firewall turned off) and both Avast and Windows Defender are turned on and up to date (as reported by windows)

Could someone please advise me how I can get the Avast control panel accessible and advise me how to deal with this Windows Virus alert which occurred today. I don’t know if I should trust this site: hXXp://go2.thruhere.net/3/?c=947

Many thanks

i am 100% sure that popup is from a rogue / Fake AV scanner so you have an infection and that is probably why you have problems installing avast as the malware is blocking it

EDIT: Checked the last link you posted and it goes to a fake scan site

Try this

Malwarebytes Anti-Malware 1.46 http://filehippo.com/download_malwarebytes_anti_malware/
after install click update so you have latest database before scan
click the remove selected button to quarantine anything found
post the scan log here

Please edit your last post and change any links you posted which may be a virus from http to hXXp so others cannot get malware.

Second, can you run any kind of scan with Avast since it sounds like you Avast alerted you that something was wrong recently. When it did alert you recently, what action did you take–did you put something in the Virus Chest or what did you do?

Third, check your computer for malware with Malwarebytes’ Anti-Malware (MBAM).
· Download free http://www.malwarebytes.org/ for an on-demand scanner.
· Double Click mbam-setup.exe to install the application.
· After install, click update so you have latest database before scanning.
· Under Settings:
o General: Automatically Save File After Scan Completes is checked off
o Scanner Settings: Check all boxes
o Updater: Download and install update if available is checked off
· Once the program has loaded, select “Perform Quick Scan”, then click Scan.
· The scan may take some time to finish, so please be patient.
· When the disinfection scan is complete, a log will appear in Notepad and you may be prompted to Restart. (See Extra Note).
· Click the “remove selected” button to quarantine anything found. You will find the infection details under the Quarantine tab.
· The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
· Copy & Paste the entire report in your next reply if anything positive shows up.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts – Click OK to either and let MBAM proceed with the disinfection process; If asked to restart the computer, please do so immediately.

Thank you Pondus for checking the site for the OP.

VirusTotal - avupdate.exe - 16/42
http://www.virustotal.com/analisis/f3db540e589fabb99141d742c69e169b081303fe6d2cf1091b4de4a6e197e241-1279092851

Malwarebytes detect it as Trojan: Downloader

sample is sendt avast

avupdate.exe ThreatExpert
http://www.threatexpert.com/files/avupdate.exe.html

Oops apologies SafeSurf for the breach. Malwarebytes is active scanning my system now and I will post results later.

Just to clarify the situation with Avast! It has been updating on a daily basis and the icon in the tray is always rotating. Avast! is installed (almost 3 years now) and on the face of it is operating …it is just that I am unable to see the the control panel on the screen once I have clicked on the icon to open the programme. As this is something that I have not been able to do for at least a month I am hesitant to think of the two situations as related.

Thank you for your responses

Below is the log result created from yesterday’s scan.
Update – today Avast was able to generate its control panel in the normal process – so I can access it normally.

Please let me know what further steps I should take – if any.

Thank you

Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org

Database version: 4312

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

14/07/2010 11:09:09 PM
mbam-log-2010-07-14 (23-09-09).txt

Scan type: Full scan (C:|E:|)
Objects scanned: 357123
Time elapsed: 2 hour(s), 36 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

The end of the scan log is missing ? so we can not see what happend to the files found
Did you click the remove selected button ? are the infected files in MBAM quarantine ?

Open MBAM > 4th Tab from Left = Quarantine

Is anything listed in the Quarantine tab? If so, please post it. If not, do an UPDATE of MBAM, then carefully read my directions again on the Settings of MBAM, then repeat the MBAM scan again. If anything comes up as an infection, you need to click the remove selected button to put it into quarantine disinfects your machine.

Sorry about that I didn’t scroll down the page so missed the last 2 lines – now attached below.

Files Infected:
C:\Users\Nicola\AppData\Local\Mozilla\Firefox\Profiles\ssi1vbkv.default\Cache\5A8BB6DDd01 (Trojan.Downloader) → Quarantined and deleted successfully.
C:\Users\Nicola\AppData\Local\Temp\CBB.tmp (Trojan.Oficla) → Quarantined and deleted successfully.

SafeSurf - yes there is stuff in the quarantine tab … could you tell me how to post it. copy and paste doesn’t work.

You can manually type it in or do a screen shot.

Also, since it looks like MBAM quarantined it successfully, I would do an UPDATE of MBAM, and run a FULL scan (it will take a while) again to make sure you are clean.

You should do the same with Avast making sure your definitions are updated and do a Full Scan scan and see if you are clean.

I recommend double checking after an infection has been removed.

Is screen shot the same as using the Snipping Tool (Vista)… if so the paste function won’t work when I try pasting here. I uploaded the details to Picasa and provided the link (with the correct obfuscation I hope)

hXXp://picasaweb.google.com/nicola6215/DropBox?authkey=Gv1sRgCPCw6rPW0P6vaw&pli=1&gsessionid=I-xNpXnRDNwq48u_QM8t8Q#5494037808977294034

I don’t see anything with the link provided. Can you manually type it in, or do a snapshot this way:

  1. Click on the single snapshot (the page you want to make an image)
  2. Hold down the Windows key on your keyboard and press R
  3. Enter MSpaint, and click OK
  4. Click in the work area and press V to paste the screen print
  5. File > Save AS
  6. Give it a name that means something and change to type to jpg and click save

When you make your next post, click on the first button on the left under the bold button to insert an image into your post.


Most important is:
*On your rescans of both Avast and MBAM, did both come up clean this time around?

  • Is Avast working properly now that the malware is quarantined?

I’m not a skilled computer whiz, more a dummy, but I noticed:

“I am also running PC Tools firewall plus (windows Firewall turned off) and both Avast and Windows Defender are turned on and up to date (as reported by windows)”

On my computer Windows Defender contains an Anti-virus program so I cannot use it because it can conflict with Avast! AV. Could part of the problem be a conflict because of running 2 anti-virus prgrams simultaneously?

@ Spectacle

Windows Defender runs fine on my Windows 7 system.

@ Nicla,

Awaiting your response. Thank you.

Apologies for the silence but things happen. My original issue remains:

I am still having a problem opening the Avast Simple Interface. Well it seems to open but it immediately goes to the task bar and I am unable to maximise it AT ALL. When the mouse hovers over the tab in the task bar the little window pops up but nothing happens after I click on it. I am only encountering this problem with Avast! – all other tabs maximise normally.

I am running PC Tools firewall plus (windows Firewall turned off) and both Avast and Windows Defender are turned on and up to date (as reported by windows)

Could someone please advise me how I can get the Avast Simple User Interface accessible.

Here is an image which illustrates the problem

http://i796.photobucket.com/albums/yy249/MsAlocin1/SS002.jpg

YESTERDAY’S report from MBAM:
Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org

Database version: 4521

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

2/09/2010 1:27:46 AM
mbam-log-2010-09-02 (01-27-46).txt

Scan type: Full scan (C:|E:|)
Objects scanned: 372376
Time elapsed: 3 hour(s), 15 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Here are the files within MBAM quarantine chest

http://i796.photobucket.com/albums/yy249/MsAlocin1/mbamquarantinestatussept2010.jpg

Many thanks

nicla,

Keep the items in MBAM quarantined there; do NOT delete them.

  1. Do you have a 32 or 64-bit machine? What happens if you right click on the Avast tool bar? Can you open the GUI this way? If you have a 32-bit, try to update Avast definitions and run a Boot-time scan.

  2. Are you getting prompts (the green pop-ups) for getting the Avast updates?

  3. What other security software do you have currently or did you have in the past on this machine? If you had in the past, how did you remove it (vendor’s uninstaller tool or another way)?

FYI – Free PC Tools FW I believe has recently been discontinued. I might suggest a different FW…either Online Armor, Comodo (without the AV), or Outpost seem to work well with Avast. Make sure you remove PC Tools FW in Safe Mode and check for remnants! Before you go making changes to your FW, reply to this post as I may need to give you additional diagnostic tools for malware removal.