Author Topic: Do I need anti-spyware as well as Avast?  (Read 20884 times)

0 Members and 1 Guest are viewing this topic.

YoKenny

  • Guest
Re: Do I need anti-spyware as well as Avast?
« Reply #15 on: September 26, 2009, 01:39:07 PM »
@superhacker

Your advice seems a bit overzelous as to having Avara as well as avast! will clash and this fact is well documented on this forum.

I would not use anything from Comodo myself:
http://hphosts.blogspot.com/2009/07/comodo-replace-malware-with-err-malware.html
http://hphosts.blogspot.com/2009/07/comodo-and-ongoing-trust-saga.html

Mr.Agent

  • Guest
Re: Do I need anti-spyware as well as Avast?
« Reply #16 on: September 26, 2009, 05:40:50 PM »
+1 for Yokenny. ;)

xerostar

  • Guest
Re: Do I need anti-spyware as well as Avast?
« Reply #17 on: September 26, 2009, 07:24:10 PM »
Thank you everyone!
Your advice has been very helpful.


Mr.Agent

  • Guest
Re: Do I need anti-spyware as well as Avast?
« Reply #18 on: September 26, 2009, 07:37:22 PM »
Your welcome.

xerostar

  • Guest
Re: Do I need anti-spyware as well as Avast?
« Reply #19 on: September 27, 2009, 04:25:26 AM »
I installed MBAM and ran a detailed scan.

These are the results:

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\HTMLConvert\HTMLConvert.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{78D99F90-86DF-4B3C-85F2-336148289E01}\RP157\A0080141.dll (Trojan.Agent) -> Quarantined and deleted successfully.

K:\Papa\AppData\Local\Temp\MMBPlayer\dssEditBox.dll (Malware.Packer) -> Quarantined and deleted successfully.

K:\Papa\AppData\Local\Temp\MMBPlayer\Plugin.dll (Malware.Packer) -> Quarantined and deleted successfully.

So I'm very happy with MBAM and your advice. My paranoia was justified!

Can anything of significance be seen in the type of malware found?


YoKenny

  • Guest
Re: Do I need anti-spyware as well as Avast?
« Reply #20 on: September 27, 2009, 04:36:40 AM »
AntiVirusDisableNotify means that the anti virus was disabled or not up to date
FirewallDisableNotify means that the Windows firewall was turned off
UpdatesDisableNotify means that Automatic updates was turned off

You need to post the complete MBAM log as the top part is important as well.

The rest are malware removal indications.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Do I need anti-spyware as well as Avast?
« Reply #21 on: September 27, 2009, 02:56:50 PM »
AntiVirusDisableNotify means that the anti virus was disabled or not up to date
FirewallDisableNotify means that the Windows firewall was turned off
<snip>

What they actually mean is that the Windows Security Centre's (WSC) function to 'notify' you that your AV or firewall has been disabled, etc. It doesn't actually mean that they have been disabled, this is usually a pre-emptive strike before attempting to disable them. Whilst it is a possibility they have been disabled this actual registry key is for the WSC notifications.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline superhacker

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 979
  • superhacker != super mario
Re: Do I need anti-spyware as well as Avast?
« Reply #22 on: October 01, 2009, 12:09:11 PM »
Quote
Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
they are system policies and may be done by avirus but may be done by disable alarm am control panel by a user.
Quote
Files Infected:
C:\Program Files\HTMLConvert\HTMLConvert.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{78D99F90-86DF-4B3C-85F2-336148289E01}\RP157\A0080141.dll (Trojan.Agent) -> Quarantined and deleted successfully.

K:\Papa\AppData\Local\Temp\MMBPlayer\dssEditBox.dll (Malware.Packer) -> Quarantined and deleted successfully.

K:\Papa\AppData\Local\Temp\MMBPlayer\Plugin.dll (Malware.Packer) -> Quarantined and deleted successfully.
i am sure that the last two files completely virus free(the same thing came with me but i analyze the files and discover that FPs in MBAM)
and the other files maybe virus free but how i am sure?
you can send the files to kaspersky lab virus lab :virus@kaspersky.com
after zip those files and protect them with a password (dont forget to write the password in the message) ;D
after two days or less they will tell you about them or send them to me and iw ill report you after two days at most(make a zipped file with password)
or send them to any virus lab and see. ;)
Dreams don't die, they just fall asleep.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Do I need anti-spyware as well as Avast?
« Reply #23 on: October 01, 2009, 02:24:00 PM »
I'm seeing much more false positives of MBAM nowadays. Take care.
The best things in life are free.