Author Topic: avast.setup and tracker.prq.to  (Read 15768 times)


buttoni
Re: avast.setup and tracker.prq.to
« Reply #30 on: October 22, 2006, 02:08:13 AM »
FWIW, will share similar experience recently, but with Comodo Firewall.  Got similar untoward multiple connections of avast.setup, and other avast files, but also iexplore.exe, ybrowser.exe, servicehost.exe and virtually any programs that had outbound clearance in my firewall!  What I had wasn't picky how it got out.   :)  The correct connections were made, but then additional connections using the same files were also made concurrently!  I struggled with noting IP's & searches on ARIN WHOIS for days trying to figure it all out.  My pc ended up in a pc repair shop.  PC is two trojans lighter and I lost 5-7 lbs. stressing over this!  Rough way to lose weight, though. 

But pc repair shop cleaning them off using Sunbelt CounterSpy & doing Dell PC restore didn't resolve!  Spurious connections persisted per Comodo.  All but two IP's in Amsterdam & France were IP's of well-known U.S. ISP's & telecom data providers.  I found that rather curious.   Like original poster, if I blocked them, I couldn't get onto the net.  If I allowed them, I could, and then immediately killed the connections in Comodo after on-line!  Boy, did THAT ever get to be a nuisance, because new connections popped up (3-7) with every change of web page.   Interesting thing is that Ewido, Avast, Trojan Hunter, A-squared, Adaware, SuperAntispyware run in safe mode saw NO INFECTION!

The repair shop did a second Dell PC Restore (no charge), this time not reinstalling SBC DSL browser software (which he suspected was source of my problems)  but that didn't resolve either.  Connections "wherever" (Ripe.net in Amsterdam was one) piggybacking out on "whatever" (Avast or system files) continued.

What HAS finally resolved the problem is to get rid of a piece of Dell preinstalled redirecting software called MyWay Search Assistant!  They swear it is not spyware & have denied allegations it tracks web usage for ages.  Since a complete wipe of my HDD was my next step, what did I have to lose?  I went down the registry hive by hive, key by key, line by line and deleted any & all entries for MyWay.  Had long since disabled the Add-on.  I had done Dell Forum's published instructions for manual removal of this pest:

http://forums.us.dell.com/supportforums/board/message?board.id=si_virus&message.id=42328

Yet there were still countless entries scattered all over the registry for MyWay!  Once all registry entries for MyWay were deleted, I rebooted and those connections seem to have stopped.  Now things are connecting to the ip's that are appropriate.  I did have two trojans (if the pc repair shop isn't dishonest), but Dell's pre-installed software (with no remove button in Add/Remove Programs, by the way) didn't make life any easier during the crisis.  Interesting read here on the subject of MyWay removal I'll share for Dell pc owners:

http://www.pcsympathy.com/article1041.html

I only share this in case the user has a Dell pc, he may want to delve deeper.  Not sure they are putting this "crapware" on newer machines, they have had so many complaints from customers about it.  But they were when mine was manufactured/shipped Dec. 2004.
« Last Edit: October 22, 2006, 03:21:58 AM by buttoni »
System Specs:  Hp Pavilion p6270z quad core; 2.6 GHz; 8GB DDR3 ram; Win7x64 Home Premium; FX 3.6; DSL 2Wire 1800 router; Yahoo Web Mail; MVPS Hosts; Comodo FW (D+ enabled); Avast5 AV Free Ed; SuperAntispyware Pro; Windows Defender; MBAM on demand.
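
For the leftover-entry hunt described in the post above, one way to inventory matches before deleting anything is to search a regedit export instead of the live registry, including hex-encoded values that a plain text search misses. This is an added example, not part of the original post; the sample keys and values and the function names `find_leftovers` and `decode` are constructed for illustration.

```python
import re

# Constructed sample in regedit export (.reg) format; every key and value is invented.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\ExampleVendor\MyWaySample]
"InstallDir"="C:\\Program Files\\Example"

[HKEY_CURRENT_USER\Software\ExampleApp]
"HomePage"="http://search.myway.example/"
"Blob"=hex:4d,79,\
  57,61,79
"Unrelated"=dword:00000001
'''

HEADER = re.compile(r'^\[(.+)\]$')
VALUE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')
HEXDATA = re.compile(r'^hex(?:\([0-9a-f]+\))?:(.*)$', re.I)

def decode(data):
    """Turn .reg value data into searchable text."""
    m = HEXDATA.match(data)
    if m:  # binary or hex-encoded string: drop NULs so UTF-16LE text also matches
        raw = bytes(int(b, 16) for b in m.group(1).split(',') if b.strip())
        return raw.replace(b'\x00', b'').decode('latin-1')
    if data.startswith('"') and data.endswith('"'):
        return data[1:-1].replace('\\\\', '\\')
    return data

def find_leftovers(reg_text, keyword):
    """Return (key, value_name, data) hits; value_name is None when the key path matched."""
    needle = keyword.lower()
    # A trailing backslash continues hex data on the next line; join before parsing.
    joined = re.sub(r'\\\r?\n[ \t]*', '', reg_text)
    hits, key = [], None
    for line in joined.splitlines():
        line = line.strip()
        h, v = HEADER.match(line), VALUE.match(line)
        if h:
            key = h.group(1)
            if needle in key.lower():
                hits.append((key, None, None))
        elif key and v:
            name = '(Default)' if v.group(1) == '@' else v.group(1)[1:-1]
            data = decode(v.group(2))
            if needle in name.lower() or needle in data.lower():
                hits.append((key, name, data))
    return hits

if __name__ == '__main__':
    # Real regedit 5.00 exports are UTF-16: open('export.reg', encoding='utf-16').read()
    for hit in find_leftovers(SAMPLE_REG, 'myway'):
        print(hit)
```

Running it against an export taken before and after cleanup gives a list to review and a way to confirm nothing matching remains.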