is it recommended that i have an anti-spyware? if so can you guys tell me a good one that works well with avast cuz i was looking at some spy-ware vids on youtube and saw ppl saying that its good to have a anti-spyware.

thanks
-diehard1272-

Diehard let’s continue this other post here also
Your Post
“there seem’s to be alot of trojan-gen going around the last few day’s all im thinking is false alarms Shocked i had a few i put in chest and did a avast boot scan.soo yea hope the trojan dont come back Shocked Shocked”

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them until the problem is corrected.

BOOT TIME SCAN- you already did this
Id suggest then rt clicking on the ball, updating and scheduling a boot time scan
quarantine/chest do not delete/remove

The C:\Program Files\Alwil Software\Avast4\DATA\report\aswBoot.txt provides a more user friendly summary of the boot-time scan and it should list any detections.
post it back here

NOW TO THE ANTI SPYWARE QUESTION
just the majors not the Crap
Malware Bytes Anti Malware and Rogue Remover
Super Anti Spy
Spybot Search and Destroy

for Trojans
A Squared
Trojan remover (shareware free trial) the one from Simply Super Software not just any old trojan remover

a very few other free ones plus the good paid ones
spysweeper, counterspy, spyware doctor. Trojan Hunter

however with all of these send any hits to Quarantine- do NOT remove/delete
google up any hits to check for false positives

Start with a scan with Malware Bytes Anti MAlware and post the logs back here

patience- this takes time
good luck

The link for VirusTotal is relatively obvious, but this should stop having to search or guess, http://www.virustotal.com/.

DavidR
thanks
the link plus the little blurb on how to export/ copy from chest would be handy to add to the how to
diahard seems to be on a good start with his boot scan and move to chest
we should all be so lucky

Diehard
Polonus posted these handy links in another thread

RogueRemover:
http://www.download.com/RogueRemover/300…
Download, install, update, scan and follow on screen prompts.

Malwarebytes Anti-Malware:
http://www.download.com/Malwarebytes-Ant…
Download, install, update and select Quick Scan

Spyware Doctor Free Basic Edition:
http://pack.google.com/intl/en/pack_inst…
Its free with Google pack, untick all boxes except Spyware Doctor. Download install, update and run.

Hi Diehard :

For antiSPYWARE/antiTROJAN programs, many CERTIFIED “Malware-Fighters”
recommend ONLY “SUPERAntiSpyware” and/or “MalwareBytes’ Anti-Malware” .

No problem if you want to copy something, use the Quote button in the post, that grabs the underlying code in the friendly link with name, and then it will work as it should. Then you can hack bits out or edit as you wish.

see also this thread
http://forum.avast.com/index.php?topic=37534.0
Why use a standalone spyware program if Avast has built-in spyware protection?
lets move the spyware program comparisons over there and continue Diehard’s virus problem here
thanks

Hi Diehard,

I agree with Spiritsongs this time, yep, where he says SAS and MalwareBytes’ Anti-Malware for your anti-spyware solution…
The latter program you can have permanently on your comp, I have it installed on an USB stick (make a folder for it on the USB stick and install it in this folder, for instance name it MBAM. works great).
SAS is also good, but it uses quite some more space and cycles than the MBAM. Download and use it whenever you think you have spyware.
Also an occasional scan with an updated DrWeb’s CureIt will further close the vulnerability window, goes fine alongside avast’s.
One anti malware program or one av solution cannot protect you fully. Layered security is the answer.
Update and patch all your software for flaws, surf without full admin rights, use in-browser security like
the latest Firefox with the NoScript add-on installed. etc. Security is more of an attitude than anything else,

polonus

hey guys the trojan gen i had seem to have left my computer i wasnt infected with spyware tho but today i was useing my comp and this alert came out of nowhere i was just on the avast website “(Win32:IRCbot-ACE[trj]” has been found in "W:\WINDOWS\SYSTEM32.EXE"file. now im scannin my computer with a quick scan from malwarebytes and it picked up 99 adware? i dont know what to do all i see is an remove option should i please respond.

thank you
-diehard1272-

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\MyWebSearch (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) → Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00627283 (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\006279D6.bin (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00627B6D.bin (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00627DAF.bin (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00627F55.bin (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0062A887.bin (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0062B4EB.bin (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0062C15F.bin (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0062C314.bin (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0062CF49 (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\008CA4E2 (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01C9B16F.bin (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01C9B2A7.bin (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01C9B46C.bin (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) → Quarantined and deleted successfully.

Why get infected in the first place ???

Install a HOSTS file.

HOSTS files I use:
http://www.mvps.org/winhelp2002/hosts.htm
http://hosts-file.net/?s=Download

Managed with HostsMan and I use its HostsServer proxy to speed up browsing:
http://www.abelhadigital.com

i didnt ask to get infected it just happened i dont visit no sites with virus or nothing… mayb its when my sister use myspace and my mom google random websites… i warn them but they just keep doin it

Hi diehard1272,

I think it is also time to clean up house (computer temp files meant) with ATF Cleaner (yes tick all and fire) and the additional ClearProg to have a go at specific IE, Fx and Windows files.
Get ATF Cleaner here: http://www.majorgeeks.com/downloadget.php?id=4949&file=15&evp=72ef5a5e927b2276e6a5bc34c89d005a

Get ClearProg here: http://www.clearprog.de/site.php?id=10&lang=en

That is a lot of crap less, I do this only a regular basis and it never caused me any harm, because I like my comp nicely crisp and clean, and what I like to save saved through back-up,

pol

Hello again
echo the hosts file recommendation
also spybots immunize un pdate and immunize every Wednesday
and since you are an IE user
Spywareblaster

If others are using your computer password your admin account and set up user accounts for you and either sister, mom or guest (and for you!)

you might consider a real time anti spyware such as spyware terminator (uncheck the add on boxes for additions)
or Spyware doctor via google toolbar here again uncheck all the boxes except spyware doctor
either will slow down your computer a tiny bit but will give you the protection you need for these uncontrolled surfers

T-timer and Win Patrol could work if you could keep them from just checking yes to the authorization popups
note to Avast
how do we prevent non admins from bypasing avast’s popups?

windows defender?

It’s scary to think what an ad-aware scan might find- if you are on DSL give it a try
( I do not usually recommend ad-aware but here…

you can run ccleaner or what poponus recommends above

you could also run a spybot scan and see if there are any other tracking cookies or web bugs looking at your system

your choice of MBAM - good one you might try a full scan
and a boot time scan of avast next time you reboot

however if you do the Spyware terminator or spyware doctor plan they would suffice also

Hi Diehard :

If it is your Mom and/or your sister causing the “program”, they do not seem
to care since they feel you will clean up the computer “Mess” they leave
behind !? In that case, I recommend you set up “Limited” User Account(s)
for each of them to lessen the potential “damage” they may cause when
using the computer !?

P.S. I, personally, do NOT recommend using a “specialized” “Hosts File”
because of the degree of “work” necessary to maintain it; feel it would be
a lot easier to just use the FREE “SpywareBlaster” from
www.javacoolsoftware.com .

thanks guys ever sinse i did that malwarebyes scan i didnt see the trojan-gen any more ill keep you guys updated if it does come back thanks for the help.

o 1 question if i wanna keep a perm anti - spyware do u recommend i keep malwarebyes on my comp cuz i removed it after scan.

ffs talk about good news that dumb irc virus just showed up >> i had it now >> gonna just ignore these alerts or put in chest till i find a result

Malwarebytes is only on-demand, I mean, the free version. As well as Superantispyware.
If you want an on-access (resident) one, so try SpywareTerminator.