PDA

View Full Version : Problems with Computer - Crashed, Avast not working



Sam Bos
25-02-2012, 05:47 PM
Hi Everyone,

Today my computer just turned itself off again (Acer Laptop), for the second time in about a fortnight. Everything seemed fine after the first time, I think I did a Virus Scan and Malware Scan, and from memory I did a boot time scan as well (using Avast Free AntiVirus and Malwarebytes Anti Malware) and I don't recall them finding anything.

But today it crashed again for no apparent reason. So I restart and discover that Avast has stopped working "The avast! antivirus program has been stopped, or is in an inconsistent state. Please re-start the program to resume protecting your system" is the message that the UI shows. But pressing the 'Fix Now' or the 'Start Program' buttons doesn't do anything.

I have tried to un-install Avast in Add/Remove programs (both in Windows and in CCleaner), they both come up with the message "Error reading Product data from "C:\Program Files\Alwil Software\Avast5\Setup\". Setup cannot continue."

I have tried downloading the Avast Removal Utility, but that comes up with the message "The avast! self protection module is enabled. For this reason, the operation cannot be completed. To complete the operation, either run this program from Windows Safe Mode, or disable the avast! self protection (via Settings > Troubleshooting page)."

So I tried disabling the Avast! self protection - Nothing.

Then I tried booting Windows in Safe Mode, but each time I select Safe Mode, it seems to reboot into 'Normal' mode again. So I still can't the the Avast Removal utility.

From the Advanced Boot option menu I have also tried 'Disable automatic restart after system crash' or whatever it is called. Still nothing.

Have tried a System Restore (2 different points) - both of them failed.


I'm a bit stuck now on what to do, any help would be much appreciated.

Thanks heaps
Sam

Speedy Gonzales
25-02-2012, 05:56 PM
Might help if you tell us what the BSOD says. Get bluescreenview if you can still get into windows (http://www.nirsoft.net/utils/bluescreenview_setup.exe) <--- direct link. Then install/run it. What does it say is the cause? If its turning off, it maybe overheating

Sam Bos
25-02-2012, 06:08 PM
Ok I have installed that, but what do I do to make it work? It's currently saying 0 Crashes.

Speedy Gonzales
25-02-2012, 06:12 PM
Cant be crashing then. Unless you used something like ccleaner, and this will delete the dmp files. Post a hijackthis log if you can. So, we can see whats in it (http://downloads.sourceforge.net/project/hjt/2.0.4/HijackThis.exe?r=http%3A%2F%2Fsourceforge.net%2Fpr ojects%2Fhjt%2F&ts=1330146669&use_mirror=cdnetworks-us-2) <-- direct link

Sam Bos
26-02-2012, 08:32 AM
Yea I think I may have run CCleaner after it happened.

Here is my HJT log:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:31:01 a.m., on 26/02/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\PLFSetI.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Apple\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Sam\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1409&s=2&o=vp32&d=0109&m=aspire_5737z
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.nz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1409&s=2&o=vp32&d=0109&m=aspire_5737z
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1409&s=2&o=vp32&d=0109&m=aspire_5737z
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\sw g.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav.exe" -run
O4 - HKLM\..\Run: [VitaKeyPdtWzd] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\Apple\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [EPSON Stylus C59 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIB HP.EXE /FU "C:\Windows\TEMP\E_SFC87.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\Windows\system32\guard32.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GSService - Unknown owner - C:\Windows\system32\GSService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Viewpoint Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 11468 bytes

Speedy Gonzales
26-02-2012, 09:09 AM
Is Avast the AV or IS install?? Not a good idea, having 2 Internet Security programs.

Tick these then tick fix checked.

Close browser/s first

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

Then reboot then see if you can uninstall Avast. Either through add/remove programs. Or with the Uninstall tool

Sam Bos
26-02-2012, 10:10 PM
It's only Avast Antivirus. Ok I fixed those 4 things in HJT, rebooted and tried to uninstall Avast, but all those error messages still come up... and I still can't get into Safe Mode

feersumendjinn
27-02-2012, 01:13 AM
Try doing a chkdsk (http://www.ehow.com/how_4967757_run-chkdsk-utility-vista.html), checking for corrupted files and/or bad sectors on the HDD (quite common on laptops especially if moved a lot while operating), and then do a memory test (http://www.bleepingcomputer.com/tutorials/using-vista-windows-memory-diagnostics-tool/) (leave this running for a while, at least a couple of hours, if nothing shows up right away).

Could also be overheating as Speedy said, when restarting, go into your BIOS (your POST or logo screen should tell you which key to press, usually Del/F2/F10 or similar) and check System health or System monitor or similar, to check your CPU/motherboard/GPU temperatures. (Hopefully, the Acer BIOS will let you do that).

Sam Bos
29-02-2012, 10:55 AM
Ok so I did the chkdsk on Monday night and let the memory test run before I left for work on Tuesday, neither of them came up with any errors.

I emailed Avast and they got back to me, basically their reply was the same as what their website tells you when Avast needs to be uninstalled.
So I emailed the guy back and told him I can't get the computer to boot into Safe Mode. So he gave me a link to somewhere which guided me
on how to set the computer to always boot into safe mode (using msconfig).

But now the computer is on a continuous rebooting cycle, and I can't get it to stop unless I power it off. I did manage to do some startup repair
thing (in the Safe Mode menu when I press F8), and got it to do a System Restore back to about a week and a half ago (Successfully!) But because
the computer is constantly rebooting, I can't actually tell if anything else is fixed. aaaaarrrgggghhhh it's doing my head in haha

wainuitech
29-02-2012, 02:20 PM
Got a second laptop here this week, doing the same rebooting thing, in both cases Avast totally stuffed the bootup, wont boot into safe mode even, all attempts to run system restore have failed. So Avast has to be manually removed -- Oh joy !! Then hopefully it will boot at least good enough to fix them. chkdsk does nothing either.

Had one last week doing the same thing, removed avast and it booted good enough to fix.

Sam Bos
29-02-2012, 03:40 PM
Got a second laptop here this week, doing the same rebooting thing, in both cases Avast totally stuffed the bootup, wont boot into safe mode even, all attempts to run system restore have failed. So Avast has to be manually removed -- Oh joy !! Then hopefully it will boot at least good enough to fix them. chkdsk does nothing either.

Had one last week doing the same thing, removed avast and it booted good enough to fix.

How do you go about manually removing Avast?

wainuitech
29-02-2012, 03:50 PM
By booting from some software I have, ERD commander, deleting all the Avast folders from several locations, then manually going into the registry ( ERD commander has a reg editor) and manually removing every trace.

ERD is not free, and there is no trial, its software thats available through Microsoft Subscriptions. There are other programs about that will do similar, just depends on how much time you want to spend setting them up.

Out of the two I have here, one is now booted OK, First I booted into safe mode, which before it didn't do,then ran the avast removal tool http://www.avast.com/uninstall-utility,the other is still giving problems, but after taking avast out at least now its getting further than before. Couple of more repairs I'm going to try, if they don't work its a complete reinstall, as looking at the files on the drive, it will have other problems as well.

Sam Bos
21-03-2012, 09:30 PM
Bit of a late reply, anyway, got the computer looked at and the guy managed to boot it using 'Last Known Good Configuration', he was then able to get into safe mode to remove Avast, and then re-installed it again and it seemed to be fine. And it was fine with me for a few days, then about a week after I'd got it back, it randomly turned itself off again. So I rebooted but everything seemed fine. Unfortunately I couldn't get a BlueScreenView log, as I'd forgotten I'd previously done a System Restore to a date prior to when I'd installed it. The tech said it may be up for a complete re-install of Windows - if it crashes again anytime soon I will probably be doing so. Will let you know what happens.

Sam