Author Topic: Avast Web shield  (Read 47690 times)

0 Members and 1 Guest are viewing this topic.

DAV2

  • Guest
Re: Avast Web shield
« Reply #30 on: January 05, 2011, 12:02:47 AM »
Thank you. I think I got the pattern now. The report says all processes killed etc. As you may have noticed, I run Avast and a 2 way firewall on both machines. I scan almost daily with Mbam and although sharing a NAT router, they are configured not to talk to each other. How did this happen, so I can make it NOT happen again? Thank you in advance. (The fix even got back my home page on IE8. It was blank before fix. Thanks)
« Last Edit: January 05, 2011, 12:07:14 AM by DAV2 »

Hermite15

  • Guest
Re: Avast Web shield
« Reply #31 on: January 05, 2011, 12:05:31 AM »
yeah, would be interesting to know where you got the trojan from...

DAV2

  • Guest
Re: Avast Web shield
« Reply #32 on: January 05, 2011, 12:14:14 AM »
The 2 way firewall scans all downloads and certifies them clean, before I can even open them. How did this happen?

DAV2

  • Guest
Re: Avast Web shield
« Reply #33 on: January 05, 2011, 12:19:08 AM »
Both computers were locked in a secure vault that only I have access to. How did this happen?

Hermite15

  • Guest
Re: Avast Web shield
« Reply #34 on: January 05, 2011, 12:20:08 AM »
The 2 way firewall scans all downloads and certifies them clean, before I can even open them. How did this happen?

no idea, firewalls don't scan downloads btw, so I wonder how they could certify anything... firewalls control ports and protocols used by applications, they're not anti-viruses ;)... now the question is how is that that your AV (Avast I suppose) didn't detect it... remains where you got the trojan from, can be a drive by download (ie something you're not aware of when it happens; you might even get it by visiting a legit and supposed to be clean site; but the site has been hacked and the owner of that site doesn't know it either).

DAV2

  • Guest
Re: Avast Web shield
« Reply #35 on: January 05, 2011, 12:26:11 AM »
This 2 way firewall does scan all downloads. It double scans all suspicious files and certifies them to be free of anything that even acts suspicious. (It is actually part of the browser.) I am still wondering how it happened, so I can make it NOT happen again. Thanks. (Is this a key logger?)
« Last Edit: January 05, 2011, 12:31:02 AM by DAV2 »

Hermite15

  • Guest
Re: Avast Web shield
« Reply #36 on: January 05, 2011, 12:29:31 AM »
could you name this "firewall" ?

edit: and again, how do you want us to tell the origin of that trojan... you're the one surfing on your computer. If Avast was running when your system got infected, the best way to avoid a further infection is still to submit it to...Avast. Use for that the file submission utility included in the softwtare UI.
« Last Edit: January 05, 2011, 12:33:01 AM by Logos »

DAV2

  • Guest
Re: Avast Web shield
« Reply #37 on: January 05, 2011, 12:32:57 AM »
You already know it. It is in the log file I sent you. A competitor.

Hermite15

  • Guest
Re: Avast Web shield
« Reply #38 on: January 05, 2011, 12:34:09 AM »
You already know it. It is in the log file I sent you. A competitor.

no I don't, 'cause I didn't read it all but okay, I'll have a look...

ps: I edited my last post above, read that ;)

DAV2

  • Guest
Re: Avast Web shield
« Reply #39 on: January 05, 2011, 12:37:51 AM »
Thanks. I am not an expert like you and I just wanted to better understand, if simply connecting to a site and not downloading anything gets this infection, or I actually do need to download a file. I will check all my logs and try to see where it could have possibly come from. Thanks again. (I did not realize the infection until Avast stopped working.)
« Last Edit: January 05, 2011, 12:41:13 AM by DAV2 »

Hermite15

  • Guest
Re: Avast Web shield
« Reply #40 on: January 05, 2011, 12:43:23 AM »
okay no big deal, this should be Zone Alarm, probably including an scanning plugin for your browser, what they call "advanced download protection" ;D ... and this should as I say mean that the plugin is scanning for viruses, not much to do with a firewall >>> I mean even if ZoneAlarm flagship product is the firewall, you may have noticed that your suite contains a "Antivirus/Spyware Scan Engine" okay? so it's that that allowed your trojan to get through. Firewalls don't scan okay?  ::)

 And if there's a place where you may need to complain, it's on ZoneAlarm forums ;D they'll tell you how this could happen. Okay, this said, ZoneAlarm is... a very outdated piece of software, conflicting with many things on a PC, especially other security software. You'd be better off if you got rid of it. Now I understand that you probably paid a subscription, so that's your choice ;)

Hermite15

  • Guest
Re: Avast Web shield
« Reply #41 on: January 05, 2011, 12:56:41 AM »
anyway, no doubt that your system was crawling with both ZA suite and Avast installed :D ... again, ZA is very good at conflicting with any other security software, + running two AV's etc... is the worse you can do, they will deny eachother access to malware by requesting exclusive access.

DAV2

  • Guest
Re: Avast Web shield
« Reply #42 on: January 05, 2011, 12:59:26 AM »
Thank you Logos. Actually the real time scanner is Avast. The other only looks at downloads before they can be opened. It tests them in a secure environment before I can open them and will tell me if they have any suspicious behavior before that happens. If I do not download, but only connect to a site, can I get this infection? Thanks in advance. (I have been considering the total Avast package. Thanks for the advice.) I am also wondering why Mbam missed it until today
« Last Edit: January 05, 2011, 01:05:48 AM by DAV2 »

Hermite15

  • Guest
Re: Avast Web shield
« Reply #43 on: January 05, 2011, 01:07:29 AM »
Thank you Logos. Actually the real time scanner is Avast. The other only looks at downloads before they can be opened. If I do not download, but only connect to a site, can I get this infection? Thanks in advance. (I have been considering the total Avast package. Thanks for the advice.) I am also wondering why Mbam missed it until today

even if you deactivate real time scanners on one side, their drivers load, and that's not good. This does slow systems when loaded from two separate security programs.

 And yes, some infections as said can be transmitted online without downloading purposely anything. + your ZA download scanner is probably conflicting with Avast web shield in the first place. I don't even know if the ZA suite does that locally or with a cloud scanner. Anyway if you want to keep using Avast, again get rid of anything ZA related.

DAV2

  • Guest
Re: Avast Web shield
« Reply #44 on: January 05, 2011, 01:18:39 AM »
I have been testing a lot of security programs. Norton, Mca.., Zone.., Essen.., defen.. and Avast to name a few and I scan with Mbam almost daily. Yes, I try to avoid any and all conflicts and never have 2 AV at the same time. I am testing the ZA E on one computer, but it was the other that did not have ZA E on it where Avast failed. Thanks for your help.