Connected no problem this morning, Avast 4.7 virus update installed itself, I looked at the online newspapers, switched off and had a late breakfast.
Impossible to reconnect to the Internet. Scanned with Trojan Remover which told me that sens.dll was locked. Went to look at sens.dll and Avast told me it was a trojan.
Turned off Avast, looked at sens.dll with Trojan Remover = no problem.
With Avast still turned off, connected OK on the internet.
Checked with Kasperski on-line scanner = no problem.
sens.dll is part of the files which are needed for going online.
Wasted an hour, thank you Avast.
With the evening I wasted last week because of the useless 4.8 which froze my PC until I uninstalled it [it seems that only Avast’s people can use 4.8], I have had enough.
I don’t want to go into futile discussions about which soundcard / drive / hardware I have, about defragmenting my drive, about uninstalling this and/or that, about doing a restore etc… My PC worked no problem until 4.08 came and went, and until this morning’s upgrade.
Avast will be uninstalled in a few minutes, never to return.
Martin.
Thoroughly fed up, who used Avast for many years.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently over 30 different scanners.
If it is indeed a false positive, add it to the exclusions lists: Standard Shield, Customize, Advanced, Add and Program Settings, Exclusions
Restore it to its original location (if you sent it to the chest), periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the Standard Shield and Program Settings, exclusions.
Send the sample to virus@avast.com zipped and password protected with the password in email body, a link to this topic might help and false positive in the subject.
Or you can also add the file to the User Files (File, Add) section of the avast chest (if it isn’t in there already) where it can do no harm and send it from there (select the file, right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest. A copy of the file/s will remain in the original location, so any further action you take can remove that.
I back up all my dll files on a DVD every so often.
The sens.dll is exactly the same as it was ever since I started backing up dlls.
Exactly same contents, compared as binaries, not a single different byte.
Before assuming I got a bogey, I check whether I am not about to kill a goodie.
When I find “sens.dll should not be disabled, required for essential applications to work properly” and my system has functioned fine for years until the two Avasts disasters, I’ll assume the fault lies with Avast.
As mentioned in my original post, I have now removed Avast from my system and installed Kaspersky. Not an ideal choice, costs money, but I can use my PC.
and I don’t think their support people would go in denial mode if a new version of their product created havoc on consumers’ systems </bitter mode>
If you didn’t want help I don’t know why you bothered posting.
You didn’t bother posting about the problem you had with 4.8, to see if anyone could help you with the problem. I’m not avast people, just an avast user and it works fine for me, so I guess you were too bitter to bother. Good luck in pastures new.
I’m afraid Avast is in big trouble now. There are thousands of users having big problems right now.
Same problem here with sens.dll.
Major problems on several computers updating from 4.7 to 4.8
Have uninstalled, booted in safe mode and doing a clean with latest cleaner.
Now all machines starts as normal.
When I try to install ver. 4.8 again, comp. hangs just before displaying desktop!
…and this false on sens.dll. Win32:Patched-FF[trj] - Not good.
But why you think that this is FP? DLL is really patched (Dll entry point routine contains call to some extra code which is written instead zeros in the original DLL)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR DllEntryPoint
loc_722B822D: ; CODE XREF: DllEntryPoint+24j
call $+5
pop eax
push eax
pusha
mov ecx, 54B679FEh
push 54B6098Ah
xor [esp+2Ch+var_2C], ecx
push 32D50A93h
xor [esp+30h+var_30], ecx
push esp
add eax, 0FFFF8ED6h
mov ebx, [eax]
call ebx
pop eax
pop ebx
popa
pop eax
add eax, 0FFFF8E7Eh
mov ebx, [eax]
call ebx
jmp loc_722B12CD
; END OF FUNCTION CHUNK FOR DllEntryPoint
; ---------------------------------------------------------------------------
Have you checked it at Virus total ?
If avast is the only one detecting it, have you sent the sample to avast, as outlined on my first reply ?
Without a sample they can’t analyse it and correct the VPS.
If this was the case then everyone with sens.dll would be detecting this and this clearly isn’t the case or the forum would be seeing many more posts about it, see image.
You could try the current beta release which has addressed many of the problems mentioned in the forums.
There are instructions and a link for the file which converts to the beta and you can update, directly from 4.7 through to the 4.8 beta build 4.8.1178. See http://forum.avast.com/index.php?topic=34612.0.
Well, a lot to find out just now My fourth machine is refusing to start normally, but now I also found an infected sens.dll on this one…
…and trz74.tmp with the same virus. Patched-FF. Also msfont.dll: Agent-TVS [trj]
Moved the files to chest, and now it looks like it’s coming to life…
I was running a complete scan on this computer 2 days ago…
Something very strange is going on…
Disable System Restore and reenable it after step 3.
Clean your temporary files.
Schedule a boot time scanning with avast with archive scanning turned on.
Use SUPERantispyware and/or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.