Windows Security Alert, other issues

I’m new to avast with today being the first time I have used it. I have had some problems but I believe I have fixed almost all of them.

First, avast was slow to start, and when it was finished doing whatever it had to do, I only had 2 providers running. I also had a problem logging into windows. There was a long delay after I entered my password and ‘loading personal settings’ was displayed. Explorer was slow to react too after getting into windows. For about 2 minutes it acted like it locked up. This problem went away after time though but repeated on each reboot.

I researched for a couple of hours and checked the program settings\Common\Troubleshooting\Delay loading of avast! services… and also added a line in my avast4.ini ‘AlwaysConnectedWaitSeconds=120’ and now my machine boots fast again, no explorer hang issue, and now I have 4 providers running. Not sure why there was 2 before and now there is 4, but all seems to be well.

THE ONLY ISSUE I have now is that my Windows Security is showing an alert saying
avast! antivirus 4.8.1368 [VPS 091216-0] reports that it is turned off.
The avast blue ball is, well, blue though with no little icons in it. I can scan just fine, email shows the clean message in it. Surfing and email checking spins the ball.

I fully updated windows today, synced my system time and verified that it is accurate to less than a second, and do not have any other antivirus applications installed. I DID have AVG but uninstalled it and verified that none of its services are present and running. I also noticed that the AVG scanning right-click context menu entry was also removed if that even matters.

I wanted to ask here about the Windows Security Center notification before turning it off.

I searched these forums and globally using Google for about an hour with various keywords before posting this so if I missed something about fixing this I sincerely apologize.

Thank you and regards,
Gary
Hopworks

EDIT: I’m becoming really excited and happy with this application! Especially the level of control that is allowed. I’m sure that can lead to issues if not properly tweaked, but I love how the option is mine. I also like the forums for the quality of information and the forum engine, and for some of the users length of use with avast. Switching to avast today is proving to be a really good decision. ;D

The Windows Security Center can at times be somewhat flaky, before going on to that lets first find out more as hat you are reporting may well be unrelated to the WSC.

How did you get rid of AVG ?

What avast processes are running in Task Manager, they begin with ash or asw, see image ?

I used settings/add remove programs to uninstall AVG. Since you are suggesting a remover, I must assume there are residual garbage from AVG. Is it safe to use it now after I have already uninstalled and will it effect my avast installation?

What avast processes are running in Task Manager, they begin with ash or asw, see image ?
I have all five processes that show in the image you presented. I also checked the names and they do match.

Thank you for the reply!

Regards,
Gary
Hopworks

EDIT: I researched the removal tool and decided to run it, the 32 bit version applicable to me. I must have had very little to do because it executed and exited very quickly. I didn’t get a prompt to reboot but I did anyway. The issue is still there with WSC.

OK, my suspicion about avg remnants was based on your comment about “I only had 2 providers running” but it is still worth running to make sure all remnants are gone.

You have the main avast processes so it should be running correctly. As far as providers (shields) goes avast has 7 and 6 should be running (not the Outlook/Exchange provider as that is only if MS Outlook is installed), unless you have terminated any of then ?

The fact that all 5 avast processes are running indicates a problem with the WSC rather than avast:

I don’t know what OS you are running ?
The above is for winXP, I don’t know if that also works on Vista.

After removing AVG traces, repair your installation:
Go to Control Panel > Add/Remove programs > avast! antivirus > Remove. Then choose Repair function in the popup window (Repair).
If this does not help, uninstall / boot / install / boot again.

Sorry for the long winded reply. I wanted to include as much info as I could for anyone that finds themselves in a similar situation and searches for help on it.

Thank you for offering this fix! And thank you to everyone that responded to my thread!

I tried repairing but the same problem persisted. I also only had 4 providers running, not 6 (or 7) so I decided to uninstall and reinstall, booting in between of course. This time I didn’t go with a custom configuration as well. I did the standard one that installs the outlook email protection, even though I don’t use Outlook, or Outlook EXPRESS for that matter. Anyway, that seemed to do the trick. I didn’t have the slow boot I had on my initial install so this time I felt no need to edit the avast4.ini file to put in the delay. I also now have 6 providers running instead of 4.

And the WSC warning is now gone. THANK YOU!

I seem to have a nagging issue opening Windows Explorer (windows key + E). When I do that, explorer seems to lock up for about a minute, but then the problem ends and windows explorer opens. The problem persists on subsequent attempts to open additional instances of Windows Explorer. I’m not sure if it is related to avast, but on my first install when I edited the avast4.ini file and added that line that delays loading AlwaysConnectedWaitSeconds=120 I was able to open a windows explorer instance immediately. I’ll work the issue and post what I find in this thread.

Could it be related to the rootkit detection feature? I also deactivated that on my previous install. Sorry I forgot to mention that. I left that option alone on this install. Anyway, I DO have one rootkit via Alcohol 120%. They deny using one, but a couple of days of exhaustive research and experimentation showed that the program actually does use one albeit not nefariously. I think it has something to do with DRM and mounted images actually working as a mounted resource. I’m a huge fan of making an image of my expensive software and then wrapping it up for safe keeping. Creative Labs driver discs for my older sound card hardware and the nightmare of finding an online replacement of the past taught me that lesson.

ANYWAY

Not that it matters now, but someone else might encounter this problem and/or this thread, so to be complete…
OS: Windows XP Professional with Service Pack 3, fully updated up to the date of this thread.
EMAIL: Mozilla Thunderbird version 2.0.0.23 (20090812)
BROWSER: Mozilla Firefox/3.5.5 GTB5 (.NET CLR 3.5.30729) with NoScript, AdBlock Plus, Firebug, Greasemonkey, FirePHP, and other addons
OTHER:

  • Apache Server 2.2.14 (32 bit)
  • MySQL 5.1.41-community
  • NetBeans IDE 6.8 (Build 200912041610)
  • Java: 1.6.0_17; Java HotSpot™ Client VM 14.3-b01
  • Ruby 1.8.6 (2008-08-11 patchlevel 287) [i386-mswin32]
  • Rake, version 0.8.7
  • SQL Server Express 2008 - Not sure the version, but it is updated.

You’re welcome, glad that you have the WSC sorted now.

avast checks for updates once you have a connection established, so for those on broadband that automatically connects, this happens very early after the boot, so the update check uses CPU and RAM and this may slow the completion of the boot. Delaying it would help that, though I haven’t heard of it impacting on explorer before.

EDIT: I’m going to put that connection delay back in and see if that remedies the problem. Thanks for clarifying that for me.

I’m going to work some scenarios from information I gathered from my rootkit via Alcohol 120% research. What started that for me was a rootkit search using the AVG offered application. When it detected one, I panicked of course. I spent a lot of time nailing the cause down and was then relieved as to the reason. No software provider would admit to using one, not in their right mind anyway. It took some savvy gurus at Anandtech.com and a ubuntu and CentOS forums to clear that up for me.

But the rootkit detection feature is my guess at the cause, and I’ll have to eliminate that rootkit instance to be sure of that. If that ISN’T the cause, then I can try other things. I really blew it on my first install of avast by changing more than one thing at once to diagnose an issue. It’s just something that anyone working an issue should not do. Leaping before walking keeps you from learning the true cause of a problem. Everyone at my level of expertise knows that. I just failed to follow that path and I might be paying for it.

I want to add that I am really happy with the free version of this software! So much so that I am considering the retail version. Until I tried Avast, I had no idea that there was a solid viable solution to AVG. With that said, I sincerely hope the makers of avast keep in mind that the free version not only provides the computing community a service, it really helps to bring customers in. It would be smart to put links on the front page to places that host virus detection software comparisons on individual file scans. Many of those links are universities! That is what won avast over for me. The lack of false positives (yes there are some, but not as many as AVG), the better detection, and the stability. Then people can see for themselves without worrying about result bias.

I’m all but ready to recommend it to all my clients I build computers for, and previous clients I recommended AVG to. I need to give it a week to fully trust it, but so far, so very good.

Gary
Hopworks

I almost never reply to my own posts, but I wanted to add the fix that fixed my delayed Windows Explorer issue.

Editing the avast4.ini file and adding the line AlwaysConnectedWaitSeconds=120 at the end solved the issue for me!

My system boots faster than ever before, probably because I used AVG for God knows how long. THANK YOU DavidR for the clarification that saved me hours of work disabling my one ROOTKIT I know about.

I have to wonder why that rootkit isn’t detected now though, or maybe it doesn’t exist as I thought it did. It only happens when I have the mounted image autoloaded on reboot. Or perhaps software updates with Alcohol 120% fixed it. Who knows?

Maybe the update for avast was happening before my ethernet drivers actually loaded. Anyone reading this as a fix should please keep in mind that my system is unique for me and all the stuff (services) I have loading could have crossed the timing-line that made this happen to me. Most casual users probably won’t even see an issue.

But the fix worked and now I don’t have a single issue to complain about. Looks like today’s adventure of changing virus detection software has finally come to a close. And I’m really happy about it too.

Thanks again for the post replies, and the tech reply from ‘tech’ that pushed me in the right direction. I am eternally grateful and after a week of use, will be HAPPY to recommend avast to all I encounter. And I encounter quite a few, on any given day.

Regards,

Gary
Hopworks

You’re welcome. Feel free to come back any time you need help or just to change experiences 8)

You’re very welcome.

I don’t know if it is the ethernet drivers not actually loaded at the time, as I would have though that would have blocked any connection so avast wouldn’t see a connection was present and try to check for updates. The main thing is that you are in business now.