Rootkit TDSSixgp.dll

Viruses and worms
21

The vps date roughly coincides with release of 2009 version; probably not such a coincidence if it was hacked into so soon…
Anyway, I’m not worried. I’m sure if there was anything wrong I would’ve had some warning before now.

Interesting stuff about RootkitRevealer; that’s exactly the info it displayed on my machine (plus a few avast temp files), and same date stamp on registry items. I know what I’m gonna do about too.

I got a screenshot here - can’t see it in preview, so not sure if it’s actually attached, but:

Settings for Web Shield > Customize > Advanced, ‘Silent Mode’ is not checked by default. To my way of thinking, maybe I should check that so that connection is aborted as soon as a virus is detected. That way, I don’t get five more sneaking past while avast! is waking up and then waiting for me to tell it what to do about the first one.

Does that sound right to you, or not?

In any case, it’s more than once now I had a number of viruses attempting to download from a single webpage and avast not catching all of them.

22

Yes it did, but I never intended that it had any reference to your TuneUp utilities, in fact I wasn’t particularly observant in seeing you had it.

It was just an exanple by posting an image to save a long drawn-out explanation of how the data/statastics are gathered, which has kind of kicked that idea into touch ;D

Neither of the options should be checked by default.

Silent, I want avast to scream to the high heavens if it finds something, I don’t want it to take any action without my input. This is probably more important for web browsing, if the silent option was enabled you would have a problem accessing a web page without knowing the reason why.

They don’t sneak past as avast effectively pauses things, but even so I would prefer to know what is going on so that I can be alert to a malware problem.

23

Same here really, which is why I hesitated to check Silent Mode myself. I want to know when malware is detected and just love that avast does actually ‘scream’ …whoop whoop…! ;D 8)

As for some malware seemingly being able to bypass webshield, well, I don’t know…
In this instance though, I’d have to guess it might have something to do with the particular rootkit going undetected.

It is a curious coincidence that it was TuneUp Utilities which aided in alerting me to having Trojan:32-gen {other} still on my machine a month later and set off this whole sequence.
2009 version does a general system check on start page - a bit sluggish, I’ll admit, but not as ‘buggy’ and ‘hoggish’ as some seem to experience.
One of its recommendations concerned a couple of programs I hadn’t used in a ‘long’ time. As soon as I clicked to see Details, up jumped avast! and, hey presto, here we are today.