Author Topic: Avast Web shield  (Read 19329 times)

Offline DAV2

  • Full Member
  • ***
  • Posts: 104
    • Personal Message (Offline)
Re: Avast Web shield
« Reply #75 on: March 17, 2011, 03:00:40 PM »
Ok, after the more than 100th crash of Win Pro 7, I did a complete reinstall from scratch/kill. (The more than 30th in last 1 year.) Avast found another Trojan in the memory dump of the crash and Win pro was already well along on its usual self destructive behavior, that starts with its erasing its logs and downloading Trojans/viruses from the net with contact only. (I try to only load necessary updates from MS only and this load has only signed drivers now, unlike the LAST THAT HAD UNSIGNED DRIVERS AND NOT WHERE WIN PRO 7 SAID THEY WERE. This is also what WP7 does before it self destructs. It looses tract of its own drivers. It says they are in directories that they are not or they are in directories that WP7 can not find.)  I was also wondering if it was normal to have hidden partitions on the drives that WP7 can not find? It can find only the root and the system hidden, but it can not find the others and I was wondering if this was normal?
I stopped using Zonealarm after it failed 9 of 9 tests and tried Avast FW, but it failed 5 of the 9 tests, so I went to Com. It passed 9 for 9 of the tests, but I can not recommend it, for other reasons.
Can Avast be configured to stop the Trojans during the active load and not just find them in the backups and memory dumps? Can Avast be configured to stop the placement of the Trojans before the erasures of logs and the moving of drivers that become unsigned to directories WP7 can not find and creation of hidden partitions that WP7 can not see? Thanks.

doktornotor

  • Guest
Re: Avast Web shield
« Reply #76 on: March 17, 2011, 03:10:34 PM »
Ok, after the more than 100th crash of Win Pro 7, I did a complete reinstall from scratch/kill. (The more than 30th in last 1 year.)

Dude, dunno what you are doing really, but:

0/ Read Best Free Drive Imaging Program article, make your choice, install, make an image of fresh clean OS+applications install.
1/ Change your surfing habits, stop surfing/working under admin account and stop downloading and installing crap such as warez, keygens, cracks etc. from dubious sources. Browsing random pr0n does not help either.
2/ If you are really unwilling to do the above, at least get yourself something like Avast Pro/AIS (paid) or Sandboxie (paid or free) and browse sandboxed and use all the stuff mentioned above in sandbox.
3/ No idea what kind of FW tests you have conducted but if they were the leak tests Matousec style (as the Comodo results would suggests) then you are not really testing firewall functionality.

With 30+ reinstalls per year, the problem is between the chair and the keyboard apparently.  ::)
« Last Edit: March 17, 2011, 03:12:07 PM by doktornotor »

Offline DAV2

  • Full Member
  • ***
  • Posts: 104
    • Personal Message (Offline)
Re: Avast Web shield
« Reply #77 on: March 17, 2011, 03:38:19 PM »
Thanks. I would work more to the image, but the problems stated above start with contact to the net and the working load needs contact to the net to start working before the load of software. The sights are not contacted by me. They are contacted by MS WP7. I do not surf sights per say. I do log on to sights like this to get help only. That is when the above starts to disintegrate WP7.
Thanks for the info see attached test result of Avast. (Avast Pro/AIS (paid)) Com... passed this test.

doktornotor

  • Guest
Re: Avast Web shield
« Reply #78 on: March 17, 2011, 03:48:18 PM »
Thanks. I would work more to the image, but the problems stated above start with contact to the net and the working load needs contact to the net to start working before the load of software.

Absolutely no idea what are you trying to say ??? ??? ???

The sights are not contacted by me. They are contacted by MS WP7.

Windows does not contact warez/p0rn sites. If you are infected yet again, go wipe the drive and reinstall once again from scratch. After you have finished installing, make an image of clean system.

Thanks for the info see attached test result of Avast. (Avast Pro/AIS (paid)) Com... passed this test.

Never heard about AWFT but as said again, leak tests are essentially useless.

Offline DAV2

  • Full Member
  • ***
  • Posts: 104
    • Personal Message (Offline)
Re: Avast Web shield
« Reply #79 on: March 17, 2011, 04:41:37 PM »
Thanks again. Win Pro 7 is loaded by Genuine Holographic and verified by MS load disk, but before it will work it needs to be updated and allowed by MS through contact with the net. All the problems stated above start at this point and before install of software (except Avast etc.). I do not contact porn sites and the only sights I contact are like this and programmers running sights like this. All I am trying to do is get and keep a working load of WP7 that does not log onto sights that I have never seen and load Trojans that Avast only finds in memory dumps and backups. I do not think that that is asking too much? You are correct, that I am trying to learn how best to evaluate security software that actually works and addresses the issues above.
I actually do not know the sights that WP7 contacts. All I know is that it must be designed to do that, because it does it by itself. What I would like to know is if the above stated is normal or not and then start addressing how to stop any abnormal and forget about normal. Hidden partitions that WP7 can not see other than working and hidden system that WP7 does see? Directories of drivers that WP7 does not see, but reports being in other directories that they are not? etc. Thanks.

Offline logos

  • avast! Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9456
  • Gender: Male
    • Personal Message (Offline)
Re: Avast Web shield
« Reply #80 on: March 17, 2011, 04:47:11 PM »
 ??? ??? ???
w7 - ais7

doktornotor

  • Guest
Re: Avast Web shield
« Reply #81 on: March 17, 2011, 04:53:49 PM »
Thanks again. Win Pro 7 is loaded by Genuine Holographic and verified by MS load disk, but before it will work it needs to be updated and allowed by MS through contact with the net. All the problems stated above start at this point and before install of software (except Avast etc.)

Yeah, and the problem exactly is? Like, can't you let the computer update itself without infecting it meanwhile by browsing stupid sites? Just leave it alone until it's updated, do not browse and do not install anything downloaded from god knows what source. Wait until it's done. Are you racing somewhere, or what?

What I would like to know is if the above stated is normal or not and then start addressing how to stop any abnormal and forget about normal. Hidden partitions that WP7 can not see other than working and hidden system that WP7 does see? Directories of drivers that WP7 does not see, but reports being in other directories that they are not? etc. Thanks.

Yeah the hidden partition is normal, the second thing is also normal - Windows maintains a list of last used locations in registry and doesn't check whether you have deleted or moved the drivers somewhere else meanwhile... All this is also completely off-topic here.

P.S. And kindly don't tell me that all the trojans keep spreading mysteriously out of nowhere to your computer without you doing anything -> BS.  ::)

Offline DAV2

  • Full Member
  • ***
  • Posts: 104
    • Personal Message (Offline)
Re: Avast Web shield
« Reply #82 on: March 24, 2011, 03:12:18 PM »
Doktornotor, thanks. I apologize for not being a computer expert like yourself, but I rarely download anything from the net. I have never contacted a "warez/p0rn sites" to the best of my knowledge. As far as MS software, that is what I am trying to understand the security applications like Avast. I know that MS has the ability to disable its own firewall all by itself, because I saw it do it as I was waiting on manual verification/validation from MS. The only software loaded at the time was MS. I also let MS load all its updates before I load others, except Avast etc.
Would like Avast to tell me when it stops running. Now I only see it when real time shield stops working or win logs state it, before MS erases them automatically. Com... at least tells me it has stopped working and I need to reboot.(a lot)
Also would like to get MS IE8 to keep protected mode on. It drops it every time I connect to my brokers web site. These are a few of the security problems I am still trying to fix in MS. Thanks for your help.
Thanks for clarifying all the hidden partitions that MS does not see and are only visible when I do a kill disk and thanks for clarifying all the drivers that MS moves automatically then forgets where it placed them.
« Last Edit: March 24, 2011, 03:19:29 PM by DAV2 »

Offline DAV2

  • Full Member
  • ***
  • Posts: 104
    • Personal Message (Offline)
Re: Avast Web shield
« Reply #83 on: April 13, 2011, 04:02:51 PM »
"trojans keep spreading mysteriously" That is the problem. I am trying to understand how this happens consistently. All I know that I try to download only essential/needed software, like Avast and needed updates only. I never do p to p or any porn/copy site. I do not know why Win puts all the hidden partitions on the drives that it can not see other than its hidden system partition, but it does all by itself and then it loses tract of its drivers, but it does. Then sfc/scannnow becomes so dysfunctional, that it can not recover, that it does consistently for last year on multiple rebuilt computers and all reloads and this still mystifies me, as why IE9 loads pictures and files on the computer to its history file that have never been on the net, yet appear along side of the history of visited web pages. I still do not understand why Avast only finds the trojans in backups and crash memory dumps and not during the active running load, but it doesn't. I am very willing to modify my behavior, but I am hopping that Win/Avast will help in correcting any security flaws.

Offline dansorin

  • Full Member
  • ***
  • Posts: 133
  • www.romanism.ro
    • Personal Message (Offline)
Re: Avast Web shield
« Reply #84 on: April 13, 2011, 06:37:23 PM »
unplug your computer from the network cable (or from the router) and install W7. even if not validated, W7 will run for 30 days. install avast, then connect to the internet. do you still have problems now? because W7 is not configured to serve you with malware the second you install it. if this is the case you have a modified(?) install kit of W7.
W7 Pro x86, avast! fan, Comodo Dragon, Ad Muncher, MBAM free, Easeus Todo Backup free.

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 28972
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: Avast Web shield
« Reply #85 on: April 13, 2011, 07:49:36 PM »
Windows 7 has a hidden partition where the recovery console is installed.  You will not see it through the OS

Quote
I did a complete reinstall from scratch/kill
Did you reformat the drive ?

Quote
but before it will work it needs to be updated and allowed by MS through contact with the net.
Windows 7 works right out of the box.. It will ask to update but you can deny that until you are ready, the system will still work.  That is how I installed my copy, no need to even connect to the net until you are ready 

Quote
"trojans keep spreading mysteriously" That is the problem. I am trying to understand how this happens consistently
If you over install rather than reformat this will happen, especially if you have an MBR infection 
Quote
Would like Avast to tell me when it stops running.
It does with the exclamation mark

I must admit I am still not sure what the problem is -

Offline DAV2

  • Full Member
  • ***
  • Posts: 104
    • Personal Message (Offline)
Re: Avast Web shield
« Reply #86 on: April 14, 2011, 08:35:06 PM »
Dansorin, thanks. I apologize for not being an expert in Win/security and I thank you for your input. Yes, Win comes from a Holograph disk and states genuine when validated by Win and the sfc/scannow works out of the box. I also have learned to pull the network plug during install. I also frisk and reformat before install after wiping with kill disk. I learned this after doing this with re-raiding, but still plugged into the net, that problems started right out of the box.

Offline DAV2

  • Full Member
  • ***
  • Posts: 104
    • Personal Message (Offline)
Re: Avast Web shield
« Reply #87 on: April 14, 2011, 08:53:49 PM »
Essexboy, thanks and I again apologize that I am not an expert in Win/security. Kill/format/fdisk yes.  Yes, I unplug from the net now before loading Avast etc. The only way I know Avast is not working is when it stops doing real time screening or a message appears in Win log that it has stopped. Com... firewall gives an error message that it has encountered an unknown problem and stops. The latest concern was stated above when I noticed that pictures and files on the computer were listed in the history of IE9 as if I visited them on the web, which was impossible, since they never left the computer. At this time Avast and Com.. fw says clean and Malw...... says clean, but the pictures and files still appear in the history file of IE9. Sfc/scannow is clean and the driver scanner says all drivers are signed. Is the appearance of some pictures/files on the computer in the history of IE9 normal, even though they never were associated by me with IE9? The files are selective and only pertain to sensitive material on the computer that I would never want out on the net. Is this normal?
« Last Edit: April 14, 2011, 08:55:37 PM by DAV2 »

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 28972
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: Avast Web shield
« Reply #88 on: April 14, 2011, 09:01:36 PM »
Quote
Com.. fw
does that mean you have commodo firewall as well

Offline Dieselman

  • Poster
  • *
  • Posts: 621
  • Gender: Male
    • Personal Message (Offline)
Re: Avast Web shield
« Reply #89 on: April 14, 2011, 09:08:54 PM »
Quote
Com.. fw
does that mean you have commodo firewall as well

That would be Comodo Firewall.  ;D

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now