Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: rich424 on January 21, 2009, 05:04:10 AM
-
Hello and thank you for reading my post. I have a DELL 1525 Inspiron. I recently attracted 4 trojans. I went ahead and returned to "factory condition" (a Dell reset located in boot mode). I went ahead and downloaded Avast (the person I work for has it and suggested). I am having good luck so far with it. I just would like to know if I need any other kind of "spyware" or registry fixers? Thanks for looking and have a great day. Oh and would those trojans be lurking on my laptop anywhere? Hiding to come out another day?
-
Hello, and welcome rich424!
Glad you chose Avast as your Anti-virus service (wow, I sound like a salesman now ;D).
Spyware and malware scanners have been discussed plenty in this forum, so If you need help using them, just take a look around or use the search function.
As for which ones to use? These two have been the best these days:
http://superantispyware.com/
http://malwarebytes.org/
I personally like Malware-Bytes, but that's just me.
Also, don't forget http://www.spybot.com
By using their "Immunization" feature, it will prevent many ads and malware sites from ever being visited in the first place. Works like a charm.
As for the trojans lurking on your computer? I'd say not a chance. As long as you restored to the factory settings that is. Even a system restore (using the windows built-in utility could bring a virus back). If you format a hard drive, or restore an image (such as when the "factory condition" was restored) everything on the hard drive gets wiped clean.
I hope you the best, and again, welcome to the forums!
-
I agree with the use of SAS and/or MBAM. The free versions are demand scanners. (You can have as many of these installed as you deem necessary. Most would consider 2 or 3 adequate.) They have a good reputation for removing the stuff that some other scanners can't.
The reason for having more than one is that they each have overlapping detections, and one might detect and remove something on one day that another doesn't recognise, and vice versa. So scan with each of them maybe once a week, or any time the computer exhibits symptoms.
Along with scanners/detectors, keeping all installed software very up to date is important.
Have a look at www.secunia.org for an example of an online scanner. Installable application also available. (I understand Filehippo offer something similar, and so do Comodo.)
Consider using a non-MS browser, or if you use IE, consider reducing the permissions for each zone, except perhaps the intranet zone if applicable. Having the browser prompt for running scripts is a setting that can prevent drive-by downloads, which are usually trojans.
In my limited experience (I am not an evangelist, just another happy user) the more you study security and the ways of the web, the more you realize there is to learn. After a while you can even forget why you bought a computer in the first place.
-
I like SpywareBlaster:
http://www.javacoolsoftware.com/spywareblaster.html
Update its definitions then make sure "Enable all protection" is selected.
Check for updates about every two weeks.
-
Hi...
In addition to the recommendations listed above, I would also suggest one of these realtime spyware scanners...
http://www.microsoft.com/windows/products/winfamily/defender/default.mspx (Windows Vista already comes with this.)
http://www.spywareterminator.com/
Windows Defender is more user friendly but less configurable while Spyware Terminator has more options but requires a bit more know how, in my opinion. :)
There is another program, "Ad-aware Free Anniversary Edition," that also provides realtime protection but having not used it, I can't comment on any of its attributes...
http://www.lavasoft.com/products/ad_aware_free.php
Hope this helps. :)
May God Bless you! :)
-
Thanks everyone for the fast replies. My laptop came with Vista so I do have Defender running. I will use Malwarebytes as well and spybot. Oh heck just to make sure I will also get superantispyware. Thanks again. Oh Oh and I am using Firefox for internet. Any other suggestions? On the Spyware Terminator, do I want to use the Clam anti virus? If I already have avast anti virus than it seem like I dont need Clam, right?
-
NO! Actually you really only want to run one antivirus on your computer at any given time. Two anti-virus softwares installed could potentially screw things up.
As stated previously, "on-demand" spyware scanners can be installed at the same time, because of the fact that they don't scan all the time "on-access." Again, because some anti-spyware software doesn't catch everything, having another installed will most likely catch anything left from the other.
Yes, please uninstall Clam anti-virus (or Avast, but I highly recommend using avast instead).
-
When I installed Malwarebytes a window came up from avast.
-
What did it say? I don't think it should have said anything.
-
Im sorry i dont remember what it said. It did ask me to do a boot scan. which I did.
-
I think it may have been a weird coincidence. I just installed Malware Bytes on a computer that has Avast installed, and nothing came up.
Did it find anything during the boot time scan?
-
I dont think it found anything. I just ran a quick scan with avast and it did not find anything either.
-
Presumably you are talking about an infected file alert ?
If so - What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section, this contains information on all avast detections. C:\Program Files\Alwil Software\Avast4\ashLogV.exe
It is possible that as MBAM extracts/updates its signature files avast might detect a signature, so what exactly were you doing at the time ?
-
Im sorry guys but the log file does not have anything in the warning file for today. I dont know. It did say to ignore it. Im sorry I did not retain more information when it happend. After this weekend fighting all the trojans I kinda freaked out a little.
-
Alrighty, keep an eye on it, and if Avast says anything else, be sure to either write the message down (if possible) or give us as close of a description of the problem as possible. We should be able to take it from there...
-
Will do. I am running another through scan now.
-
Im sorry guys but the log file does not have anything in the warning file for today. I dont know. It did say to ignore it. Im sorry I did not retain more information when it happend. After this weekend fighting all the trojans I kinda freaked out a little.
If it said to ignore it then it wasn't a standard scan, but likely to be the anti-rootkit scan that takes place 8 minutes after boot, this normally give two options Ignore and Delete and avast gives a recommended course of action. You should allow avast to send a sample for analysis (the default setting).
This heuristic style scan doesn't log entries in the warning section like normal scans, but in the C:\Program Files\Alwil Software\Avast4\DATA\log\aswAr.log file (you can view with notepad), this is overwritten on the next anti-rootkit scan.
You would have to be fast off the mark to be downloading or updating MBAM at that point though. So I don't really know if this is exactly what you saw.
-
There is another program, "Ad-aware Free Anniversary Edition," that also provides realtime protection but having not used it, I can't comment on any of its attributes...
Sadly Ad-Aware is way behind the times and just takes up hard drive space and valuable RAM.
Stick with Malwarebytes MBAM but only run the Quick scan as it finds 99.9% of the infections and the Full scan should only be ran if reqested.
-
Yeah, Ad-Aware used to be great, but they're falling quickly. I haven't tried the new version, which supposedly gives you realtime scanning for free, but I still doubt its effectiveness.