Avast WEBforum

Other => General Topics => Topic started by: krypton on August 22, 2010, 10:22:22 AM

Title: network shield
Post by: krypton on August 22, 2010, 10:22:22 AM
Hello,

I got 3 pop-up messages today saying a threat was detected in Network Shield, but when I try to see the Network Shield logs, I cannot see any virus logged in it.

What is wrong? I can't figure it out.
Title: Re: network shield
Post by: SafeSurf on August 22, 2010, 10:39:49 AM
What version and product of Avast are you using and are your definitions up to date?

It appears from your first screen shot that Avast did its job and warned you about the infected site. You probably are not seeing any virus logged because Avast prevented you from getting one. Did you go in the site regardless of getting the warning?
Title: Re: network shield
Post by: krypton on August 22, 2010, 10:47:15 AM
I am using Avast 5.0 Free. Yes, it is updated daily.

Version is 100821-1.

I did not visit any other site. I visit songs.pk or Facebook.

I visit those sites many times in a week, but I did not get a pop-up before.

I have been getting pop-ups since yesterday.
Title: Re: network shield
Post by: SafeSurf on August 22, 2010, 10:55:33 AM
My question is once you got the Avast pop-up alert...did you then leave the web page?
Title: Re: network shield
Post by: krypton on August 22, 2010, 11:01:57 AM
I did not leave any web page. I don't know which site the virus is coming from.
Title: Re: network shield
Post by: Altarir. on August 22, 2010, 11:03:10 AM
A firewall is supposed to take care of DCOM exploits and some other things like this (Avast reports them because for some reason your firewall doesn't block them and Avast has to do it instead). Check your firewall.
Title: Re: network shield
Post by: krypton on August 22, 2010, 11:06:52 AM
My firewall is switched off by me because it automatically updates every time and brings my PC down.
Title: Re: network shield
Post by: SafeSurf on August 22, 2010, 11:06:58 AM
I suggest you make sure your Avast definitions are up to date, then run a FULL Avast scan.

If you have a 32-bit machine and you feel on the paranoid side (no offense, but if you want to be extra careful), you can run a Boot-time scan. If you have on-demand scanners like MBAM, you can update the definitions and also run a scan.

After running the scans from Avast, see if anything goes into the Virus Chest.  Do you have MBAM on your machine?
Title: Re: network shield
Post by: SafeSurf on August 22, 2010, 11:08:57 AM
My firewall is switched off by me because it automatically updates every time and brings my PC down.
What firewall (FW) do you have?  You need to get a FW that works better with Avast than the one you have for better security.
Title: Re: network shield
Post by: Altarir. on August 22, 2010, 11:10:54 AM
My firewall is switched off by me because it automatically updates every time and brings my PC down.

Uh yeah, that's why you see the notification about the exploit. Normally, the firewall is supposed to take care of them (silently, without annoying you with notifications). If you don't like the default Windows firewall, find a better one. Can't recommend anything here since I'm fine with the default one, though.
Title: Re: network shield
Post by: krypton on August 22, 2010, 11:19:47 AM
I don't have MBAM on my PC.

See my firewall below.
Title: Re: network shield
Post by: Altarir. on August 22, 2010, 11:26:01 AM
So you have the default one. You can try ZoneAlarm firewall (http://download.cnet.com/ZoneAlarm-Free-Firewall/3000-10435_4-10039884.html?part=dl-69168&subj=dl&tag=button) if you don't like the default Windows firewall. But a firewall is needed in some cases, so having no/turned-off firewall is pretty insecure.
Title: Re: network shield
Post by: SafeSurf on August 22, 2010, 11:27:28 AM
What is your OS (XP SP?, Vista, Win7, other)?  You said you have a 32-bit.

You should turn your MS Updates on in your Security Center, or at least to notify you so you can do the update but not leave it off completely for better security.

Check your computer for malware with Malwarebytes’ Anti-Malware (MBAM).
·   Download free http://www.malwarebytes.org/ for an on-demand scanner.
·   Double Click mbam-setup.exe to install the application.
·   After install, click update so you have latest database before scanning.
·   Under Settings:
    o   General: Automatically Save File After Scan Completes is checked off
    o   Scanner Settings: Check all boxes
    o   Updater: Download and install update if available is checked off
·   Once the program has loaded, select "Perform FULL Scan", then click Scan.
·   The scan may take some time to finish, so please be patient.
·   When the disinfection scan is complete, a log will appear in Notepad and you may be prompted to Restart. (See Extra Note).
·   Click the “remove selected” button to quarantine anything found.  You will find the infection details under the Quarantine tab.
·   The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
·   Copy & Paste the entire report in your next reply.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts -- Click OK to either and let MBAM proceed with the disinfection process; If asked to restart the computer, please do so immediately.

Do you have any questions?


 

Title: Re: network shield
Post by: SafeSurf on August 22, 2010, 11:34:15 AM
Altarir., there have been reported problems with ZA FW and Avast, so I am not going to recommend that at this time. There are some that may recommend it, but for now krypton can turn on the Windows FW, which only offers 1-way protection which is minimal protection.

There are third-party FWs that do not conflict as have been reported with Avast such as Online Armor, Comodo (without the AV), PCTools Plus, and Outpost. There is also the Avast IS available as well (not third party). Once we know you don't have malware, krypton, you need to look into getting a FW. OK?

Title: Re: network shield
Post by: Hermite15 on August 22, 2010, 11:35:36 AM
Yeah, he's got Windows updates turned off too... the guy is looking for trouble ::) ... @ the OP, Windows firewall doesn't update, so you were probably saying that your OS crashes when winupdate is on and... attempting to update. Are you running a legit version of Windows?
Title: Re: network shield
Post by: SafeSurf on August 22, 2010, 11:38:54 AM
You should turn your MS Updates on in your Security Center, or at least to notify you so you can do the update but not leave it off completely for better security.
I know...that's why I suggested the above.  He has lots of security holes that we can help him fix.
Title: Re: network shield
Post by: krypton on August 22, 2010, 11:46:35 AM
I'm using Windows XP.

If I turn my FW on, it starts updating whenever I switch on my PC. It makes my PC slow, and my internet is dial-up, so it can't download a heavy update of more than about 35 MB. What should I do about this problem?
Title: Re: network shield
Post by: SafeSurf on August 22, 2010, 11:56:31 AM
I suggest you make sure your Avast definitions are up to date, then run a FULL Avast scan.

If you have a 32-bit machine and you feel on the paranoid side (no offense, but if you want to be extra careful), you can run a Boot-time scan. If you have on-demand scanners like MBAM, you can update the definitions and also run a scan.

After running the scans from Avast, see if anything goes into the Virus Chest.
I would do as I posted above to see if you have malware since this is what prompted you to make your post...correct?

Then you can concern yourself with a third-party FW instead of the Windows FW, which you can download from another machine via a USB flash drive perhaps (if you know it is clean and your machine is clean) or buy a CD since you have dial-up.
Title: Re: network shield
Post by: Hermite15 on August 22, 2010, 12:07:06 PM
What do you mean "your firewall starts updating", updating what, how ???
Title: Re: network shield
Post by: krypton on August 22, 2010, 12:44:46 PM
I am posting the log here as you said.

What do I do now?
Title: Re: network shield
Post by: krypton on August 22, 2010, 12:55:14 PM
What do you mean "your firewall starts updating", updating what, how ???

I mean the FW updates automatically when I start the PC.

I have turned my FW on now, but I switched off the FW's auto updates.
Title: Re: network shield
Post by: krypton on August 22, 2010, 05:59:39 PM
Help me please. What do I do after the MBAM scan? I posted the logs above.
Title: Re: network shield
Post by: SafeSurf on August 23, 2010, 07:10:38 AM
MBAM indicates the following:

Windows 5.1.2600 Service Pack 2

C:\Tally\Patch.exe (Trojan.Bancos) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.


Click the “remove selected” button to quarantine anything found.  You will find the infection details under the Quarantine tab.
It appears from your log that nothing was put into quarantine. Can you confirm this by looking in the MBAM quarantine tab to see if anything is there? If not, recheck your MBAM Settings and make sure ALL boxes are checked -- re-read my directions for Settings.

In addition, you are only running XP SP2 and should be running SP3.  SP2 support ran out. 

As you can see from the MBAM report, by disabling the MS Security Center, you have put your machine at great risk for malware, which you now have.  The fact that you are unable or do not want to enable your Security Center for MS Updates and FW has me questioning if you are using a cracked version of Windows, or if I am wrong please forgive me and explain your reasoning so that we can assist you better.  Note, if you are using a cracked version, we cannot help you.
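
Added example (not part of the original thread or written by any poster): a Python sketch that parses the MBAM log lines quoted in the post above and reports which detections were left at "No action taken" and which value MBAM expects for each flagged registry item. The line format is inferred only from those quoted lines; the function names are hypothetical.

```python
import re

# Log excerpt exactly as quoted in the post above.
SAMPLE_LOG = r"""
Windows 5.1.2600 Service Pack 2

C:\Tally\Patch.exe (Trojan.Bancos) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
"""

# "<object> (<detection>) -> [Bad: (x) Good: (y) -> ]<action>."
LINE_RE = re.compile(
    r"^(?P<object>.+?) \((?P<name>[^()]+)\) -> "
    r"(?:Bad: \((?P<bad>[^)]*)\) Good: \((?P<good>[^)]*)\) -> )?"
    r"(?P<action>[^.]+)\.?\s*$"
)

def parse_detections(log_text):
    """Return one dict per detection line; headers and blank lines are skipped."""
    items = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            item = m.groupdict()
            is_reg = item["object"].upper().startswith("HKEY_")
            item["kind"] = "registry" if is_reg else "file"
            items.append(item)
    return items

def unremediated(items):
    """Detections the scanner reported but did not quarantine or repair."""
    return [i for i in items if i["action"].strip().lower() == "no action taken"]

def registry_expectations(items):
    """(key, value name, value MBAM lists as Good) for each registry data item."""
    out = []
    for i in items:
        if i["kind"] == "registry" and i["good"] is not None:
            key, _, value = i["object"].rpartition("\\")
            out.append((key, value, i["good"]))
    return out

if __name__ == "__main__":
    found = parse_detections(SAMPLE_LOG)
    for i in unremediated(found):
        print("still present:", i["kind"], i["object"], "->", i["name"])
    for key, value, good in registry_expectations(found):
        print("expected:", key, value, "=", good)
```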



Title: Re: network shield
Post by: krypton on August 23, 2010, 06:58:38 PM
No, there is nothing in quarantine.

What do I do now?


Should I ignore or remove selected?
Title: Re: network shield
Post by: SafeSurf on August 24, 2010, 12:18:03 AM
You need to update MBAM again > do a FULL scan with MBAM > remove to quarantine the infected items (see my directions).

You also need to get a registered version of MS Windows.  Until you do this, there is nothing more I can do to assist you.  I also suggest once you have done this, you update it to SP3 and complete all MS Updates to reduce your risk of getting more malware.  Thank you.
Title: Re: network shield
Post by: krypton on August 24, 2010, 06:10:49 AM
How can I enable MS updates?
Title: Re: network shield
Post by: YoKenny on August 24, 2010, 03:58:17 PM
How can I enable MS updates?
Quote
Genuine Microsoft software is published by Microsoft, properly licensed, and supported by Microsoft or an authorized partner – giving you full capabilities, access to all the latest updates, and confidence that you are getting the experience you expect. Validation is a quick and easy process that helps you to verify that your Microsoft software is genuine:
http://www.microsoft.com/genuine/validate/ValidateNow.aspx?displaylang=en