Hello,

I had the Demaru-A with patch.exe backdoor Trojan on my PC. I got it cleaned but Avast is still being prevented, for at least a minute, from opening on startup.

A few seconds after I get to my desk top the Avast icon appears but is unanimated and then a red circle with an x appears over it shortly followed by a yellow triangle that has an exclamation point in it.

When I hover over the icon it says your computer is not secure. Is this just what Avast does or do you think the PC is still infected?

Some background info:

I updated to Avast Free 5 yesterday and ran a scan. It came back with Win32: Malware-Gen. When I ran Maleawarbytes it came back with this:

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) → Bad: (1) Good: (0) → Quarantined and deleted successfully.

After Avast and Malwarebytes quarantined everything I shut off system restore and restarted with a boot time scan.

Everything came back clean. I’ve since run several scans with Avast Free and Malwarebytes and they come back clean as well.

Hi Rahlen,

Welcome to the avast forum,

A few seconds after I get to my desk top the Avast icon appears but is unanimated and then a red circle with an x appears over it shortly followed by a yellow triangle that has an exclamation point in it.

When I hover over the icon it says your computer is not secure. Is this just what Avast does or do you think the PC is still infected?

According to this information, actually your are maybe infected but you need to activated or fix avast 5.0 features with click FIXED icon at avast 5.0 GUI.

Anyway, if you already scan and didn’t found any suspicious with MBAM or avast. It shouldn’t have any suspicious file or application working in your background.

But you may try to use HijackThis Tools, of course with guidance.

Then you may post your log file after scan with hijackthis in here.

Welcome to the forums, Rahlen

You might also try a repair if avast.

To do a repair of avast :

Control panel > Add/remove programs > click once on avast to select it > click on Change/Remove > scroll down the left pane and click on repair > click OK> follow directions

Hi Yanto.Chiang, CharleyO ;D

Ok, so your replies tell me that Avast locking up for a minute or two on start up is NOT normal.

I tried your suggestions to fix/repair but it didn’t resolve the issue, it is still locking up for a minute before it starts running normally.

did you empty system restore after eliminating the virus?..
they always place a copy in SR.

Yeah, I did.

The reason why I posted this in the virus forum is because Malwarebytes found something that had to do with the issue I’m having.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) → Bad: (1) Good: (0) → Quarantined and deleted successfully.

Even though Malwarebytes and Avast scans come back clean, Avast AV is still being locked up for a minute at start up.

That reg entry is a distraction - most antivirus programmes disable the windows notification centre - well the big boys anyway. But Avast does not

Have you set Avast to load services after windows services ?

Hi, no, I saw that I was able to set it to do that and definitely did not; I’ve just rid my PC of a dangerous virus and am trying to secure my PC as tightly as possible against a future attack. I didn’t think setting it to run AFTER windows was good idea.