You're not alone. I had a similar problem on my old XP SP3 and went to NOD32, but MSE is doing fine on all my Win 7 machines.. I wonder if MS is focusing on Vista and newer OS with MSE.
Sorry about the Google Chrome stuff. When I installed, avast had some tiny little boxes that could be unchecked so as not to go google. Since I had carefully checked this out in advance, I was able to bypass the google mess.
Let me preface this by saying I'm still sticking to an older build of avast7, build 1426, as I liked the version of auto-sandbox they [temporarily] used there. I keep avast PROGRAM updates on MANUAL, so as not to get the newer versions. I'm assuming with a new install, you have the latest.
Assuming YOU want to control avast's decision making (so as to make your own decisions about potential F/P's), you want to change avast's defaults from quarantine to ASK:
Open the avast interface. click (on the left) on Real-time shields, and modify them ONE AT A TIME: first, click on FILE SYSTEM SHIELD, then toward the right, on EXPERT SETTINGS, when that pops up, select ACTIONS, and indicate the order of actions you wish avast to follow. I select ASK first. That should never "fail", but since I have to enter 3 actions, i have chosen "move to chest" for the second, and "no action" for the third. I repeated these three choices on each of the VIRUS, PUP, and SUSPICIOUS tabs. Select OK when done. Then repeat all the choices for each of the MAIL, P2P, & IM shields.
For WEB SHIELD, I have given it the benefit of doubt, allowing it to abort the connection on a VIRUS, but to ASK me for a PUP or SUSPICIOUS item.
As for BEHAVIOR shield, you'll have to see how your system responds: I found it "excessively chatty" until I UNchecked the box [Expert Settings, Main Settings] to monitor the system for unauthorized changes. With that box UNchecked, I have likewise set the bahavior shield to ASK. (If you find you don't get many prompts with that box checked, I think you should leave it that way.) EDIT: I am relying on WinPatrol to monitor my system for changes, be they authorized or unauthorized.
Also, the behavior shield offered way-too-many prompts any time there was a dot-NET update from Microsoft (sometimes 20 prompts per update!). [I believe some other MSFT updates likewise do so, but I have not personally experienced them.] So whenever I'm downloading/installing .NET updates, I make sure to temporarily disable [just] the BEHAVIOR shield.
Auto-Sandbox: As noted, the auto-sandbox mechanism has (allegedly) been completely changed from the version I use. I have mine ENABLED, and set to ASK. But you'll have to be on your own with this one, given the changes. For me, with the older version, when avast encounters a "suspicious" download or program, it will ASK me whether it should run it in a sandbox, or normally. I *think* that the newer version is merely a "sanboxing TOOL", which tries to further analyze suspicious programs, until it concludes they're either safe or unsafe. [Hopefully, Hernan will have more to say about this, as he's using the newer versions].
There are LOTS of other settings, both from all the TABS on the left hand side, as well as the SETTINGS button on the upper right. It would be prudent for you to take some time... eventually... to check them all out. Hopefully, I've pinpointed the most critical ones for you.
Sorry to hear about your issues with your trusty MSE.
True. There have been several discussions about the choice to opt-in and not to opt-out those little Google boxes during installation, they are hard to see, but I imagine they are included according to whatever business Avast! has with Google.
I think Ky331 summed it up pretty good to all the changes one need to do to avoid any conflict with Avast!.
1.) Switch all shields and scans to "Ask". Web Shield default is to "Abort" and in my opinion should stay like that. For PUPs (Potentially Unwanted Programs) is your choice if you want Avast! to alert you about them or not.
2.) Behavior Shield I have it set to "Ask" and I have not changed any of its settings. It was a little chatty at first but once you exclude those files that triggered it, it is really quite. One thing I have been unable to figure out is how to go thru Microsoft Tuesday without me being there to answer the alerts. Only in XP, with Silverlight and Framework patches, Behavior Shield goes to alert several changes done by installer temp files.
What I do is to switch the Behavior Shield to "Auto-decide" for the updates. I believed Ky331 disables it during the updates.
3.) Unfortunately I do not use Avast! Autosandbox because I run Comodo's instead. I've heard of some issues and complaints about not doing what users want or about the popups alerts not giving enough info.
FYI: If you run MBAM Pro with Avast!. Exclutions done to one another to prevent any potential conflict:
This is not [directly] related to your avast installation, but rather, to your UNinstallation of Chrome: You may find you now have a problem clicking on links in e-mail programs, such as Outlook [Express]. If you do, let me or BB know, and we can tell you what to do.
The problem is that both Chrome AND Firefox each try to "take-command-of" your e-mail links when these programs are installed... but they never relinquish control when you uninstall them! So when you click on e-mail links, your system may still try to open them in Chrome... which you've removed... generating an error/warning message.
For what it's worth, I have NOT set-up any exclusions in Avast, nor in MBAM, for the other program.
My system, particularly the new Win7 one, is running extremely fast. Perhaps the exclusions would make things even faster, but I'm very happy the way things are.
I have also not noted any obvious conflicts between the two.
So unless/until I do, I will leave things as they are... without setting-up any mutual exclusions between avast & mbam.
Perhaps on an older XP, things might go faster with the exclusions Hernan noted???
@Bugbatter: thanks for that info. Nice to know it's not just me.
@ ky331: Thanks also. My goodness, but avast has bloated since I last used it!
I made the changes you suggested, and ran a "quick" scan. It took half an hour! It also suggested I run a boot scan, which I agreed to. It found all sorts of "corrupted" old files in my Downloads folder, which I said to Quarantine. It also identified a C:\system volume information\restore file as infected with Win32 Hack Tool-CB [PUP]
Frankly, I doubt it represents any threat. But this boot scan was taking forever, and after several hours, I terminated it at the 1% scan completed level.
To be honest, I'm getting pretty fed up with these AVs.
Thanks also for the email link advice. Haven't seen any problems so far, but will keep it in mind.
@Hernan: Thank you also. Lots of info to absorb in the last 24 hours.
"My goodness, but avast has bloated since I last used it!... To be honest, I'm getting pretty fed up with these AVs."
This is a key difference between, say, MSE and Avast: Avast offers the user a plethora of options that can be tweaked, if so desired. It takes a while to go through them all completely, and yes, the process can be quite intimidating. But once set as desired, there should be little need to adjust them any further.
And despite having all my shields set to ASK, it's rare [aside from the behavior shield and .NET updates] that I ever hear a peep out of avast. It's running very quietly. And it's significantly quieter on Win7 than it was on XP [as it seems there's no Script shield activity for me on Win7. Others have reported this, and it may be a glitch, but as long as my File System, Network, Web, and IM shields appear to be working correctly, I'm not about to repair nor reinstall avast to try to "fix" the script shield].
[EDIT: I was preparing this post, checking its details, and did not see Hernan's similar post until after I had already completed this one...]
Joe,
Avast includes a[n optional] "persistent cache", which can remember the results of its scanning, and take advantage of the information to speed-up subsequent scans.
Open avast. click on SCAN COMPUTER. for the type of scan you wish to run, make sure you can see its details (click on MORE DETAILS if that all you see), click on the SETTINGS for that type of scan, select PERFORMANCE, and you'll see too boxes: the first, to speed up scanning by using the persistent cache; the second, to store data about scanned files in the persistent cache. On FULL SCAN, I have checked BOTH boxes; on QUICK Scan, I've checked only the first.
My FULL SCAN scans for PUPS; my QUICK SCAN does NOT.
There are several other types of scans (Removable media, or via Windows Explorer) --- I'll leave it up to you how you want to "tweak" these.
I would strongly suggest you take the time to run a FULL scan, with the "store data in persistent cache" checked, so as to build-up your peristant cache.
FWIW, I've NEVER run the boot scan, even when prompted. I was afraid of what it might take into its own hands.
Yes Avast! like to say it found all sort of corrupted files. Most of them are cab or zip files that can not read and Avast! identifies them as corrupted, but they might not be. The Win32 Hack Tool-CB[PUP] is just a Potentially Unwanted Program you probably had installed before. It is not malware, but a program that can be used for good or evil.
To speed up your next scans please mark both boxes in:
This will implement a memory of the files already scanned, and they will only be scanned again if and only if they have been modified in any way lately.
Just a comment/clarification to anyone else reading this thread:
There are two types of computer users. There are "average" users, who don't want to be bothered with a "chatty" anti-virus program --- they simply want to "set it and forget it". For such users, they can leave the avast defaults as the were: avast will automatically quarantine any any suspicious files it finds. I believe this is standard --- other anti-virus programs do the same.
The problem with auto-quarantining is that EVERY anti-virus program is occasionally guilty of generating a "false positive" (F/P) result --- "thinking" that a good/clean file is infected. Hopefully, such cases will be few and far-between, and of minimal consequence [e.g., not applied to a critical system file].
Then there are "knowledgeable" users like Joe, who prefer to be in command --- make the decision about potential F/Ps on their own --- by not panicking when prompted, by then following-up with research, ultimately making a decision what he wants avast to do. Knowing Joe, that's why Hernan and I are recommending he adjust all of Avast's shields [and yes, scanners too --- sorry I didn't think about that --- thanks Hernan :emotion-2: ] to ASK him what to do. For anyone who does NOT want to research and make your own decisions, you should leave the avast defaults as they were [and hope for the best].
avast allows users to save (export/import) all their customized settings, just in case you have to uninstall/reinstall/upgrade at some point:
open avast. click on SETTINGS (upper right). MAINTENANCE. scroll down to SETTINGS BACKUP. click on BACK UP SETTINGS. A pop up will tell you which settings you can save--- I'd check ALL of them. then CONTINUE to (name and) SAVE the file.
Bugbatter
3 Apprentice
•
20.5K Posts
0
October 13th, 2012 19:00
You're not alone. I had a similar problem on my old XP SP3 and went to NOD32, but MSE is doing fine on all my Win 7 machines.. I wonder if MS is focusing on Vista and newer OS with MSE.
ky331
3 Apprentice
•
15.6K Posts
0
October 13th, 2012 20:00
Joe,
Sorry about the Google Chrome stuff. When I installed, avast had some tiny little boxes that could be unchecked so as not to go google. Since I had carefully checked this out in advance, I was able to bypass the google mess.
Let me preface this by saying I'm still sticking to an older build of avast7, build 1426, as I liked the version of auto-sandbox they [temporarily] used there. I keep avast PROGRAM updates on MANUAL, so as not to get the newer versions. I'm assuming with a new install, you have the latest.
Assuming YOU want to control avast's decision making (so as to make your own decisions about potential F/P's), you want to change avast's defaults from quarantine to ASK:
Open the avast interface. click (on the left) on Real-time shields, and modify them ONE AT A TIME: first, click on FILE SYSTEM SHIELD, then toward the right, on EXPERT SETTINGS, when that pops up, select ACTIONS, and indicate the order of actions you wish avast to follow. I select ASK first. That should never "fail", but since I have to enter 3 actions, i have chosen "move to chest" for the second, and "no action" for the third. I repeated these three choices on each of the VIRUS, PUP, and SUSPICIOUS tabs. Select OK when done. Then repeat all the choices for each of the MAIL, P2P, & IM shields.
For WEB SHIELD, I have given it the benefit of doubt, allowing it to abort the connection on a VIRUS, but to ASK me for a PUP or SUSPICIOUS item.
As for BEHAVIOR shield, you'll have to see how your system responds: I found it "excessively chatty" until I UNchecked the box [Expert Settings, Main Settings] to monitor the system for unauthorized changes. With that box UNchecked, I have likewise set the bahavior shield to ASK. (If you find you don't get many prompts with that box checked, I think you should leave it that way.) EDIT: I am relying on WinPatrol to monitor my system for changes, be they authorized or unauthorized.
Also, the behavior shield offered way-too-many prompts any time there was a dot-NET update from Microsoft (sometimes 20 prompts per update!). [I believe some other MSFT updates likewise do so, but I have not personally experienced them.] So whenever I'm downloading/installing .NET updates, I make sure to temporarily disable [just] the BEHAVIOR shield.
Auto-Sandbox: As noted, the auto-sandbox mechanism has (allegedly) been completely changed from the version I use. I have mine ENABLED, and set to ASK. But you'll have to be on your own with this one, given the changes. For me, with the older version, when avast encounters a "suspicious" download or program, it will ASK me whether it should run it in a sandbox, or normally. I *think* that the newer version is merely a "sanboxing TOOL", which tries to further analyze suspicious programs, until it concludes they're either safe or unsafe. [Hopefully, Hernan will have more to say about this, as he's using the newer versions].
There are LOTS of other settings, both from all the TABS on the left hand side, as well as the SETTINGS button on the upper right. It would be prudent for you to take some time... eventually... to check them all out. Hopefully, I've pinpointed the most critical ones for you.
iroc9555
2 Intern
•
1K Posts
0
October 14th, 2012 07:00
Hi Joe.
Sorry to hear about your issues with your trusty MSE.
True. There have been several discussions about the choice to opt-in and not to opt-out those little Google boxes during installation, they are hard to see, but I imagine they are included according to whatever business Avast! has with Google.
I think Ky331 summed it up pretty good to all the changes one need to do to avoid any conflict with Avast!.
1.) Switch all shields and scans to "Ask". Web Shield default is to "Abort" and in my opinion should stay like that. For PUPs (Potentially Unwanted Programs) is your choice if you want Avast! to alert you about them or not.
2.) Behavior Shield I have it set to "Ask" and I have not changed any of its settings. It was a little chatty at first but once you exclude those files that triggered it, it is really quite. One thing I have been unable to figure out is how to go thru Microsoft Tuesday without me being there to answer the alerts. Only in XP, with Silverlight and Framework patches, Behavior Shield goes to alert several changes done by installer temp files.
Eg: 10/10/2012 8:56:50 Modification of: \REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
By: C:\WINDOWS\Installer\MSIEE.tmp
Via: C:\WINDOWS\system32\MsiExec.exe
-> Action allowed
What I do is to switch the Behavior Shield to "Auto-decide" for the updates. I believed Ky331 disables it during the updates.
3.) Unfortunately I do not use Avast! Autosandbox because I run Comodo's instead. I've heard of some issues and complaints about not doing what users want or about the popups alerts not giving enough info.
FYI: If you run MBAM Pro with Avast!. Exclutions done to one another to prevent any potential conflict:
Section K:
http://forums.malwarebytes.org/index.php?showtopic=10138&st=0&p=417798&#entry417798
also you may add this to MBAM ignore list since it is where Avast! unpacks its updates: C:\WINDOWS\Temps\_avast_
Regards.
ky331
3 Apprentice
•
15.6K Posts
0
October 14th, 2012 07:00
Another matter:
This is not [directly] related to your avast installation, but rather, to your UNinstallation of Chrome: You may find you now have a problem clicking on links in e-mail programs, such as Outlook [Express]. If you do, let me or BB know, and we can tell you what to do.
The problem is that both Chrome AND Firefox each try to "take-command-of" your e-mail links when these programs are installed... but they never relinquish control when you uninstall them! So when you click on e-mail links, your system may still try to open them in Chrome... which you've removed... generating an error/warning message.
ky331
3 Apprentice
•
15.6K Posts
0
October 14th, 2012 07:00
In response to Hernan's comments:
For what it's worth, I have NOT set-up any exclusions in Avast, nor in MBAM, for the other program.
My system, particularly the new Win7 one, is running extremely fast. Perhaps the exclusions would make things even faster, but I'm very happy the way things are.
I have also not noted any obvious conflicts between the two.
So unless/until I do, I will leave things as they are... without setting-up any mutual exclusions between avast & mbam.
Perhaps on an older XP, things might go faster with the exclusions Hernan noted???
joe53
2 Intern
•
5.8K Posts
0
October 14th, 2012 07:00
@Bugbatter: thanks for that info. Nice to know it's not just me.
@ ky331: Thanks also. My goodness, but avast has bloated since I last used it!
I made the changes you suggested, and ran a "quick" scan. It took half an hour! It also suggested I run a boot scan, which I agreed to. It found all sorts of "corrupted" old files in my Downloads folder, which I said to Quarantine. It also identified a C:\system volume information\restore file as infected with Win32 Hack Tool-CB [PUP]
Frankly, I doubt it represents any threat. But this boot scan was taking forever, and after several hours, I terminated it at the 1% scan completed level.
To be honest, I'm getting pretty fed up with these AVs.
Thanks also for the email link advice. Haven't seen any problems so far, but will keep it in mind.
@Hernan: Thank you also. Lots of info to absorb in the last 24 hours.
ky331
3 Apprentice
•
15.6K Posts
0
October 14th, 2012 08:00
"My goodness, but avast has bloated since I last used it!... To be honest, I'm getting pretty fed up with these AVs."
This is a key difference between, say, MSE and Avast: Avast offers the user a plethora of options that can be tweaked, if so desired. It takes a while to go through them all completely, and yes, the process can be quite intimidating. But once set as desired, there should be little need to adjust them any further.
And despite having all my shields set to ASK, it's rare [aside from the behavior shield and .NET updates] that I ever hear a peep out of avast. It's running very quietly. And it's significantly quieter on Win7 than it was on XP [as it seems there's no Script shield activity for me on Win7. Others have reported this, and it may be a glitch, but as long as my File System, Network, Web, and IM shields appear to be working correctly, I'm not about to repair nor reinstall avast to try to "fix" the script shield].
ky331
3 Apprentice
•
15.6K Posts
0
October 14th, 2012 08:00
[EDIT: I was preparing this post, checking its details, and did not see Hernan's similar post until after I had already completed this one...]
Joe,
Avast includes a[n optional] "persistent cache", which can remember the results of its scanning, and take advantage of the information to speed-up subsequent scans.
Open avast. click on SCAN COMPUTER. for the type of scan you wish to run, make sure you can see its details (click on MORE DETAILS if that all you see), click on the SETTINGS for that type of scan, select PERFORMANCE, and you'll see too boxes: the first, to speed up scanning by using the persistent cache; the second, to store data about scanned files in the persistent cache. On FULL SCAN, I have checked BOTH boxes; on QUICK Scan, I've checked only the first.
My FULL SCAN scans for PUPS; my QUICK SCAN does NOT.
There are several other types of scans (Removable media, or via Windows Explorer) --- I'll leave it up to you how you want to "tweak" these.
I would strongly suggest you take the time to run a FULL scan, with the "store data in persistent cache" checked, so as to build-up your peristant cache.
FWIW, I've NEVER run the boot scan, even when prompted. I was afraid of what it might take into its own hands.
iroc9555
2 Intern
•
1K Posts
0
October 14th, 2012 08:00
Joe.
Yes Avast! like to say it found all sort of corrupted files. Most of them are cab or zip files that can not read and Avast! identifies them as corrupted, but they might not be. The Win32 Hack Tool-CB[PUP] is just a Potentially Unwanted Program you probably had installed before. It is not malware, but a program that can be used for good or evil.
To speed up your next scans please mark both boxes in:
Avast! > Settings > SCAN COMPUTER > Scan now > Quick/Full scan > More details > Settings > Performance > Persistence cache
This will implement a memory of the files already scanned, and they will only be scanned again if and only if they have been modified in any way lately.
ky331
3 Apprentice
•
15.6K Posts
0
October 14th, 2012 08:00
Just a comment/clarification to anyone else reading this thread:
There are two types of computer users. There are "average" users, who don't want to be bothered with a "chatty" anti-virus program --- they simply want to "set it and forget it". For such users, they can leave the avast defaults as the were: avast will automatically quarantine any any suspicious files it finds. I believe this is standard --- other anti-virus programs do the same.
The problem with auto-quarantining is that EVERY anti-virus program is occasionally guilty of generating a "false positive" (F/P) result --- "thinking" that a good/clean file is infected. Hopefully, such cases will be few and far-between, and of minimal consequence [e.g., not applied to a critical system file].
Then there are "knowledgeable" users like Joe, who prefer to be in command --- make the decision about potential F/Ps on their own --- by not panicking when prompted, by then following-up with research, ultimately making a decision what he wants avast to do. Knowing Joe, that's why Hernan and I are recommending he adjust all of Avast's shields [and yes, scanners too --- sorry I didn't think about that --- thanks Hernan :emotion-2: ] to ASK him what to do. For anyone who does NOT want to research and make your own decisions, you should leave the avast defaults as they were [and hope for the best].
ky331
3 Apprentice
•
15.6K Posts
0
October 14th, 2012 09:00
One last thing (for now :emotion-5: )
avast allows users to save (export/import) all their customized settings, just in case you have to uninstall/reinstall/upgrade at some point:
open avast. click on SETTINGS (upper right). MAINTENANCE. scroll down to SETTINGS BACKUP. click on BACK UP SETTINGS. A pop up will tell you which settings you can save--- I'd check ALL of them. then CONTINUE to (name and) SAVE the file.