toolbar supplied by company causes alerts

Viruses and worms
1

A toolbar that loads onto my browser causes my Avast 4 home edition to warn against: Win32:Adware-gen [Adw] 080922-0, 09/22/2008 and the Win332:Mostofate-|[trj] If I do anything with these (remove, delete, etc.) anything but ignore, the toolbar will not work. The supplier of the toolbar says he is not having this problem with any other customer. The only way I can get the toolbar to install and function is to ignore the adware and virus warnings. I’m wondering if this is an Avast issue or if the program I’m installing truly has things that can cause me problems.

I’m not that technical, so any help I get in here is much appreciated.

2

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them until the problem is corrected.

3

David,

I don’t know how to export the files from the chest into the suspect folder I created.

4

I think I figured it out and all I got each time was “0 bytes size received”. Does that mean it’s not a virus?

5

No that isn’t what it means, it is more likely that the export from the chest didn’t work.

  1. what is the size of the file in the chest ?
  2. when you export from the chest (to the suspect folder you created) does avast alert ?

If so then you could end up with a 0 byte sized file, so you need to exclude the suspect folder from scans as I mentioned, did you do that ?

6

82,944 and over 600,000 so you are right. I think I excluded it. Does one do it through “program settings” and "exclusions?

7

David,

I excluded the suspect file and extracted the viruses to it. When I went to look at the size of the files, the Avast warning/alert came on. So, I must not be doing it correctly. Do I also have to delete the viruses from the chest? Sorry to sound stupid, but in this area I am.

Dennis

8

What toolbar did you install?

I googled Win32:Mostofate and it appears to be adware.

http://www.f-secure.com/sw-desc/adware_w32_mostofate.shtml

9

It’s a toolbar from http://www.proauthors.com/ I have both adware and a trojen virus in this thing. BTW thanks for all this help.

10

Also, I tried analyzing the files (I could see they are not 0 bytes) at the Avast address you first submitted and, again, it came up 0 bytes.

11

Read this again:

Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect\* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

avast! won’t let you upload (or work with) what it thinks is infected which is probably why VT (if you managed to get to trying to upload) reports 0 bytes, that is why you have to get the exclusion set-up so avast doesn’t alert.

12

I’ve seen this window but I can’t find it now. I’m giving up until tomorrow. Gotta watch the presidential debate.

13

Left click on the avast ’ a ’ icon in the system tray, select the standard shield icon.

14

Gotcha. I’ll work on it tomorrow. Thank you for your help and patience. I let you know what happens.

15

You’re welcome, later.

16

:slight_smile: Hi Dennis :

A Google Search revealed Proauthors uses “ClickBank” and a Google Search
of them uncovered the following :

http://www.ripoffreport.com/searchresults.asp?q1=ALL&q5=ClickBank&submit2=Search!&q4=&q6=&q3=&q2=&q7=&searchtype=0

So be careful .

17

OK I did it. Pretty neat how this works. I got a whole bunch of stuff on each one. Two came up already been analysed. I copied the infor from the reports into MS Notepad. I could post it here but it’s a lot of info. I don’t know how to interpret it, whether it’s telling me it’s bad (as in it can crash my computer or dig into my financial data, passwords and the like) or what.

18

I have the reports and can’t determine if these are things about which to worry. The toolbar they are associated with doesn’t seem to work without them. How do I know if I can use the toolbar with the associated “viruses and malware”?

19

Uour management will be thrilled with your findings
time for a raise

20

I used my PayPal account to pay them and I have been in extensive conversations with the guy who started the company and developed the program. HOWEVER, I am going to ask him about his history with ClickBank

Thanks a heap.