Infected with avast! please help

avast detected something in my system 32 folder and asked me if it wanted me to delete it. I guess it’s my fault for not writing down the name, but I thought that was what the virus vault was used for… Next it recommended a boot scan that didn’t find anything.

So now my computer can not connect to my wireless network anymore. The drivers for my network card went missing along with something to do with my laptops power. I downloaded and updated all my drivers but still no connection.

If I leave the computer alone for about 10 minutes it will SAY it’s connected to the right network but webpages won’t load because browsers know it’s not really connected. If I try to “repair connection” it will fail because it can’t complete the action: “Connection to the wireless network”.

Windows complained once that a file was missing and told me to put in the Windows XP sp3 CD that didn’t come with my computer and didn’t bother to tell me what file was missing, and I can’t check avast for the file that was removed because I can’t get on the internet to get the data on my computer that I didn’t want shared with anyone. Good system there guys.

So far avast has been worse then most of the viruses I’ve had.

Specks:
Asus mk90h disney netpal
Windows XP sp3
Avast free with automatic updates and all protection turned on.

Thanks for your help.

There is no such Antivirus Program that protects any system a 100% ::slight_smile: ::slight_smile:

This doesnt sound like a malware issue but more like a system problem…

Anyway…try and attach the logs here from this guide:
http://forum.avast.com/index.php?topic=53253.0

avast detected something in my system 32 folder and asked me[b] if it wanted me to delete it.[/b] I guess it's my fault for not writing down the name, but I thought that was [b]what the virus vault was used for[/b]
did you delete....or move to chest? a big difference...if you delete nothing goes to the virus vault....meaning you cant restore the file if it was a wrong detection

Clean, Quarantine, or Delete?
http://antivirus.about.com/b/2007/03/11/clean-quarantine-or-delete.htm

After thumbing around in the logs forever I figured it out:

http://forum.avast.com/index.php?topic=110804.0

The missing file is tcpip.sys and is a FP. I have a plan to fix it now and I’ll post back if there’s anything else important I find out.

Download the Avast fix zip file to a USB from the link below
https://dl.dropbox.com/u/73555776/avastfix.zip
Copy to all affected XP systems

Extract the files to their own folder on the desktop
Right click Avast and select Avast shields Control
Select Disable permanently
Open the Avastfix folder and double click TCPIP.bat
The computer will reboot
When the computer restarts then immediately update Avast

Once rebooted could you let me know of any remaining problems

I managed to get a tcpip.sys from my brother and tried installing it with the wireless network connection properties window but it is already there and doesn’t ask for a restart once I’ve told it to install. I also can’t uninstall it first. I tried the command prompt method listed in the other thread and then I tried the avast .bat fix all with no luck.

I even tried to run the avast scan again and remove the file and break things all over but it doesn’t seem to change anything.

Here’s my ideas on what might be wrong:
I’m doing stuff wrong and I’ve skipped a step some place.
Thanks to re-installing the drivers from Asus first I’ve unbalanced something so the normal ways don’t work for me.
The file my brother gave me is wrong somehow and so it doesn’t work.

Thanks again for your help.

OK first select a restore point before you started trying to do the repairs

Then if the net is still unavailable then run the avast fix

My computer does NOT have restore points…

Sorry, edit.

OK lets have a look see

Download OTL to your Desktop
Secondary link

[*]Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

https://dl.dropbox.com/u/73555776/OTL_Main_Tutorial.gif

[*]Select All Users
[*]Under the Custom Scan box paste this in

netsvcs
BASESERVICES
%SYSTEMDRIVE%*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
TCPIP.*
/md5stop
CREATERESTOREPOINT

[*]Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Attach both logs

Next time I would prefer if you asked me directly to make a restore point or whatever you want me to do rather then having a program do it for me.

After reading the logs I can see the problem is that tcpip is still not installed right. What should I do next?

I always set a restore point in case there is a hiccup with a fix, that way there is a stable point to return to

TCPIP.sys is in the right location

Did you run the avast fix ? As that included the registry data to set the service… If not I will prepare a reg fix

Yes I ran it. and picked it apart and tried to do all the steps manually too. I even removed the entries it put in and restarted it and ran the fix with no luck. I also tried swapping around the tcpip file with the file from the other one I got (slight difference in file size) in different places. Then I edited the bat file to remove the restart at the end and pause it to see that no errors are given when the bat is run.

The avast fix does exactly what it was told to do perfectly, but that doesn’t fix my problem.

Not really as the service registry entry was missing

Download the reg file from the link below to your desktop by right clicking and selecting save as…
https://dl.dropbox.com/u/73555776/TCPIP.reg

Right click the reg file, select Merge
Reboot and try the net again

No change. I also tried running the fix again and installing tcpip from the inf file again just in case and nothing happened.

Well the reg fix once installed should have reset the service… You are using an XP TCPIP file ?

Download Windows Repair (all in one) from this site

Install the programme then run

https://dl.dropbox.com/u/73555776/waio%20start.JPG

Go to step 3 and allow it to run SFC

https://dl.dropbox.com/u/73555776/waio%20step3.JPG

On the start repairs tab click start

https://dl.dropbox.com/u/73555776/waiostart%20rep.JPG

Select the following items and tick restart system when finished

https://dl.dropbox.com/u/73555776/waio%20rep%20list.JPG

I’m using the tcpip included with the avast fix as automatically installed, but I also tried with another one I got from my brother from a XP computer. They both do the same thing, the same nothing that is.

All that repair everything stuff scares the heck out of me. I put a lot of effort into getting my computer the way I want it so I’m going to try only a few of those boxes at a time to avoid undoing my work.

Thanks again essexboy for sticking with me and helping me out. I’ll make a new post tomorrow to let you know what happened or in a few hours if it works.

The system file check opened a window from windows that told me to put the windows XP CD I don’t have into the CD drive that isn’t on my computer over and over and over, so that didn’t help me at all.

I ran the repairs you said other then the safe mode repair, it boots into safe mode now so I’m not going to touch that one sorry. During the repairs the “(program) has encounter a problem and needs to close” window popped up over and over for ever repair (picture included). Still no change.

Download and run farbar service scanner

https://dl.dropbox.com/u/73555776/FSS.gif

Tick “All” options.
Press “Scan”.
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

Here ya go.

BITS Service is not running. Checking service configuration: The start type of BITS service is set to Demand. The default start type is Auto.
Could you set BITS service to auto please

If that does not work I have had reasonable success with this programme

Download the ESET services repair tool, extract the file to your desktop.

[*]Double-click ServicesRepair.exe.[*]If security notifications appear, click Continue or Run and then click Yes when asked if you want to proceed.[*]Once the tool has finished, you will be prompted to restart your computer. Click Yes to restart.[*]A log will be saved in the CCSupport folder the tool created on your desktop, please post the content in your next reply.

Next please run FSS again.