Re: can't reinstall. Avast has been crashing outlook. got remote access popup

Hi. This started on another thread to try to get avast to reinstall but I have been advised to post here.
Here is the log from earlier today.

2018-03-01 00:26:28.510Infoinstup[392,396]Command: ‘“C:\Users\CHRIST~1\AppData\Local\Temp_av_iup.tm~a05456\instup.exe” /edition:3 /ga_clientid:cb72c484-b15e-4c2d-a35a-0f9cb4bda352 /guid:0cbc6bb4-1c1c-4c5d-9222-03bd4abe7f22 /prod:ais /sfx:lite /sfxstorage:C:\Users\CHRIST~1\AppData\Local\Temp_av_iup.tm~a05456’
2018-03-01 00:26:28.510Infoinstup[392,396]CPU: Intel(R) Processor 5Y70 CPU @ 1.10GHz,4
2018-03-01 00:26:28.510Infoinstup[392,396]OS: Windows 8.1 x64
2018-03-01 00:26:28.510Infoinstup[392,396]Memory: 31% load. Phys:4194303/4194303K free, Page:4194303/4194303K free, Virt:4012152/4194176K free
2018-03-01 00:26:28.510Infoinstup[392,396]DISKs: C:\ - 390GB free / 454GB total
2018-03-01 00:26:28.510Infoinstup[392,396]DISKs: D:\ - 2GB free / 21GB total
2018-03-01 00:26:28.510Infoinstup[392,396]Running module version: instup.exe - ‘18.1.3800.0’
2018-03-01 00:26:28.510Infoinstup[392,396]Running module version: Instup.dll - ‘18.1.3800.0’
2018-03-01 00:26:28.510Infomutex[392,396]The ownership of the fallback mutex has been successfully taken.
2018-03-01 00:26:28.526Warningsettings[392,396]Did not find any values in file ‘programData\avast5.ini’
2018-03-01 00:26:28.620Infoshepsync[392,396]Trying server IP address ‘shepherd.ff.avast.com
2018-03-01 00:26:29.214Infoshepsync[392,396]Download of config file from shepherd.ff.avast.com succeeded.
2018-03-01 00:26:29.214Infoshepsync[392,396]Config file successfully updated
2018-03-01 00:26:29.229Infoshepsync[392,396]Postpone interval was reset
2018-03-01 00:26:29.229Warningsettings[392,3124]Did not find any values in file ‘programData\burger_client.ini’
2018-03-01 00:26:29.229Infowizard[392,396]Running module version: HTMLayout.dll - ‘3.3.2.1’
2018-03-01 00:26:29.260Infowizard[392,396]Loaded module version: C:\Users\CHRIST~1\AppData\Local\Temp_av_iup.tm~a05456\HTMLayout.dll - ‘3.3.2.1’
2018-03-01 00:26:29.323Infowizard[392,396]Setup gui was successfully started.
2018-03-01 00:26:29.323Infoinstcore[392,396]Sfx setup update has started.
2018-03-01 00:26:29.338Infoservers[392,396]Server definition(s) loaded for ‘C:\Users\CHRIST~1\AppData\Local\Temp_av_iup.tm~a05456\servers.def’: 29 (maintenance:0)
2018-03-01 00:26:29.338Infoservers[392,396]ChooseServer: selected server ‘Download s4705686 AVAST9 Server’ with current url ‘http://s4705686.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:26:44.354Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:26:44.354Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://s4705686.iavs9x.u.avast.com/iavs9x/servers.def.vpx’. Next try: 1
2018-03-01 00:26:44.354Infoservers[392,396]ChooseServer: selected server ‘Download v4618535 AVAST9 Server’ with current url ‘http://v4618535.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:27:01.386Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:27:01.386Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://v4618535.iavs9x.u.avast.com/iavs9x/servers.def.vpx’. Next try: 2
2018-03-01 00:27:01.386Infoservers[392,396]ChooseServer: selected server ‘Download f7031642 AVAST9 Server’ with current url ‘http://f7031642.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:27:18.418Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:27:18.418Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://f7031642.iavs9x.u.avast.com/iavs9x/servers.def.vpx’. Next try: 3
2018-03-01 00:27:18.418Infoservers[392,396]ChooseServer: selected server ‘Download f6761140 AVAST9 Server’ with current url ‘http://f6761140.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:27:35.449Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:27:35.449Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://f6761140.iavs9x.u.avast.com/iavs9x/servers.def.vpx’. Next try: 4
2018-03-01 00:27:35.449Infoservers[392,396]ChooseServer: selected server ‘Download d0211227 AVAST9 Server’ with current url ‘http://d0211227.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:27:52.496Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:27:52.496Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://d0211227.iavs9x.u.avast.com/iavs9x/servers.def.vpx’. Next try: 5
2018-03-01 00:27:52.496Infoservers[392,396]ChooseServer: selected server ‘Download f6761140 AVAST9 Server’ with current url ‘http://f6761140.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:28:09.528Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:28:09.544Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://f6761140.iavs9x.u.avast.com/iavs9x/servers.def.vpx’. Next try: 6
2018-03-01 00:28:09.544Infoservers[392,396]ChooseServer: selected server ‘Download v6834318 AVAST9 Server’ with current url ‘http://v6834318.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:28:26.591Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:28:26.591Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://v6834318.iavs9x.u.avast.com/iavs9x/servers.def.vpx’. Next try: 7
2018-03-01 00:28:26.591Infoservers[392,396]ChooseServer: selected server ‘Download y9663457 AVAST9 Server’ with current url ‘http://y9663457.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:28:43.638Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:28:43.638Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://y9663457.iavs9x.u.avast.com/iavs9x/servers.def.vpx’. Next try: 8
2018-03-01 00:28:43.638Infoservers[392,396]ChooseServer: selected server ‘Download v6834318 AVAST9 Server’ with current url ‘http://v6834318.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:29:00.685Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:29:00.685Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://v6834318.iavs9x.u.avast.com/iavs9x/servers.def.vpx’. Next try: 9
2018-03-01 00:29:00.685Infoservers[392,396]ChooseServer: selected server ‘Download t5730298 AVAST9 Server’ with current url ‘http://t5730298.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:29:17.733Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:29:17.733Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://t5730298.iavs9x.u.avast.com/iavs9x/servers.def.vpx’. Next try: 10
2018-03-01 00:29:17.733Infoservers[392,396]ChooseServer: selected server ‘Download h1874089 AVAST9 Server’ with current url ‘http://h1874089.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:29:19.749Infoservers[392,396]ChooseServer: selected server ‘Download z9743321 AVAST9 Server’ with current url ‘http://z9743321.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:29:34.765Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:29:34.765Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://z9743321.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx’. Next try: 1
2018-03-01 00:29:34.765Infoservers[392,396]ChooseServer: selected server ‘Download r5525652 AVAST9 Server’ with current url ‘http://r5525652.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:29:51.812Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:29:51.812Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://r5525652.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx’. Next try: 2
2018-03-01 00:29:51.812Infoservers[392,396]ChooseServer: selected server ‘Download d0211227 AVAST9 Server’ with current url ‘http://d0211227.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:30:08.859Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:30:08.859Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://d0211227.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx’. Next try: 3
2018-03-01 00:30:08.859Infoservers[392,396]ChooseServer: selected server ‘Download p3713387 AVAST9 Server’ with current url ‘http://p3713387.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:30:25.907Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:30:25.907Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://p3713387.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx’. Next try: 4
2018-03-01 00:30:25.907Infoservers[392,396]ChooseServer: selected server ‘Download d3116203 AVAST9 Server’ with current url ‘http://d3116203.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:30:42.938Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:30:42.953Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://d3116203.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx’. Next try: 5
2018-03-01 00:30:42.953Infoservers[392,396]ChooseServer: selected server ‘Download z2217299 AVAST9 Server’ with current url ‘http://z2217299.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:30:59.985Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:31:00.000Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://z2217299.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx’. Next try: 6
2018-03-01 00:31:00.000Infoservers[392,396]ChooseServer: selected server ‘Download z2461313 AVAST9 Server’ with current url ‘http://z2461313.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:31:17.063Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:31:17.079Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://z2461313.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx’. Next try: 7
2018-03-01 00:31:17.079Infoservers[392,396]ChooseServer: selected server ‘Download v7630928 AVAST9 Server’ with current url ‘http://v7630928.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:31:34.141Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:31:34.141Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://v7630928.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx’. Next try: 8
2018-03-01 00:31:34.141Infoservers[392,396]ChooseServer: selected server ‘Download z2461313 AVAST9 Server’ with current url ‘http://z2461313.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:31:51.188Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:31:51.188Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://z2461313.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx’. Next try: 9
2018-03-01 00:31:51.188Infoservers[392,396]ChooseServer: selected server ‘Download f5136535 AVAST9 Server’ with current url ‘http://f5136535.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.
2018-03-01 00:32:08.235Errordldwrap[392,396]HttpGet: download failed with error 0x00002bdc!
2018-03-01 00:32:08.235Errordldwrap[392,396]HttpGet: An error 41227 (0x0000A10B) [Downloader system error] has occured when downloading a file from ‘http://f5136535.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx’. Next try: 10
2018-03-01 00:32:08.235Infoservers[392,396]ChooseServer: selected server ‘Download w6607332 AVAST9 Server’ with current url ‘http://w6607332.iavs9x.u.avast.com/iavs9x’ of type ‘URL_TYPE_DOWNLOAD_PROGRAM’.

Since late 2017 I was having messages in Outlook that Avast adding was causing problems. Outlook would become unresponsive and restart. I tried offline repair. Then I tried online repair of Outlook and it dele voted a problem and failed and all my office icons disappeared. I went to office.com/setup and entered my details and activation key. When I entered them a screen came up with red and yellow colours and error message number saying to ring these numbers in USA/Canada, UK or Australia. I rang ( I know, I know… ) It was a remote access scam from New Delhi. The guy asked me to use gotoviewer and accessed my computer. He looked at avast first. He revealed all the characters of my microsoft activation code email etc. There was a file tree scrolling up and down. He complained about my Internet speed!! But I got suspicious and asked how did I know he was from Microsoft and he didn’t answer that so I disconnected viewer, all windows and turned computer off. He rang on my mobile but I didn’t answer. On 13th Feb outlook crashed and I got blue screen of death. I got out of it before the time elapsed. After first incident I used avast, malwarebytes, the new Zealand one starting with E and another trojan killer. I have used Avast internet security for a few years with updates on automatic. I left malwarebytes on as well after the initial scan. I think Avast found one thing and Malwarebytes found 4 registry type files. After the BSOD I deleted the files in quarantine. I have done scans daily including startup scan. Outlook continues to have problems. I added avast driver update and made sure everything was fully updated. I haven’t had another popup but I don’t feel safe. I made a list of all the Firefox passwords that weren’t in avast and changed them via the mobile phone mostly.
I increased security in some places such as Microsoft and that is how I know someone from New Delhi tried to log into my microsoft account on 15th Feb. I couldn’t update the firmware on the router so I applied to go from adsl to fibre to the Node and get a new modem/router ( I was going to be forced to do it anyway). The new modem is sagemcom 3864v3ac it has very poor wifi which makes reinstalling difficult. Anyway for 2-3 days I couldn’t update avast. It gave me a message it wasn’t up to date. It was still on automatic. I couldn’t make it update. It said unknown error. I read forums here and tried repair, then uninstall, then avast clear not initially in safe mode as only arrow keys and enter and tab working (used usb keyboard as device has bluetooth). Couldn’t reinstall using online .exe file. Would say corrupted or access problem. Tonight I did avast clear and offline .exe install and got icons but it won’t open. Is this malware? Damage from removed files? Modem problem? I can’t change DNS as ISP says I can’t and modem only has 3 options to chose from. I’m in Australia. Could I still have malware?

Attach your basic diagnostic logs. (MBAM and FRST)
Instructions: https://forum.avast.com/index.php?topic=194892

hi attaching mbam and farbar files. Avast will now open after more clicking but freezes and very slow. smart scan says its clear.

mbam

sorry I realised that wasn’t first malwarebytes scan. this is first one after event with registry entries

Avast opens 2min after I click icon then freezes before left buttons appear.

Hi. Avast still freezing very slow to open and not all buttons appear. I decided to try someone else’s computer and it is also saying it’s out of date! On update page connection says connection not established. The updating bar is trying to download files and keeps saying download error. This computer is also on automatic update but has program and virus definitions outdated. It says below that: Threat blocked
Object http//www.nikweinstein.com/image/catalog/prodesc/ontiger205/asics-gel-noosa-tri-6ontisuka-tiger.jpg

OK, now you’ve to wait for one of the malware experts…

Hi. I have fixed the update problem with avast by changing DNS settings in computer and clearing and reinstalling, but I would still appreciate your opinion on the original malware issue that caused the pop up when I went to Microsoft site. Could it still be there waiting for another crash? Thanks.

Does my mbam show any current threat? I am worried about banking on this device. How did I get pop ups when avast was automatically updating?

I don’t see malware in logs. MBAM reported leftovers of PUP software (potentially unwanted programs) which is not malicious but can be annoying.

The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.
Run the tool and check the following boxes below;
[i]
http://www.mcshield.net/personal/magna86/Images/checkmark.png
Remove disinfection tools

http://www.mcshield.net/personal/magna86/Images/checkmark.png
Create registry backup

http://www.mcshield.net/personal/magna86/Images/checkmark.png
Purge System Restore [/i]
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:[b]DelFix.txt[/b])

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.