!avast screen saver scanner found Win32:Small-BWL [Trj] found in memory so using task manager i stopped the running process. As seen in attachment #1 it belongs to SUPERAnitSpyware.exe – Why is there not an option in the !avast Warning pop up to stop the running process in question ???
Immediately after stooping the running process with task manager i then pressed the start button on the task bar and Explorer.exe crashed generating a full drwtsn32 error report
As seen in attachment #2 since finding Win32:Small-BWL [Trj] and stopping the the running process I’ve had 8 DCOM Exploit attack all of which are from similar but different IP addresses which !avast has blocked.
H E L P H E L P H E L P
P.S. This forum wont let me upload the attachments as they are too big. How do i make them smaller. They are in jpg
format.
Update: 1:26 pm CST After rebooting !avast screen saver scanner detected Win32:Small-BWL [Trj] found in memory this time as process 2712 which is still SUPERAnitSpyware.exe . Just before rebooting i did a Full Off Line Scan which detected nothing. And again nothing in the logs except more DCOM Attacks.
I wasn’t aware that the screen saver scan (I don’t use it) actually scanned memory, not by default according the the settings. Presumably you have made some adjustments in the screen saver scan settings (it has the Ignore Virus Targeting option also) ?
No such settings have been changed on over 3 months. If you go [Right click desk top then propertys then screen saver select avast for screen saver then settings
You mention no changes in over 3 months, avast5 was only released at the end of last month.
You are still using 4.8 (having just looked at your screen shot again), I though you were using 5.0, so I can’t check the settings, or test to see why SAS memory process is detected.
However, I would suggest that you update to avast5 it is streets ahead of 4.8 in all areas.
I use !avast version 4.8 Home Edition - Free Antivirus When i use the update program option is said i have the most curent version And again “I have not changed any screen saver options in over 3 months” and they are as i left then.
k so i dumped superantispyware : i’d only been using it for about 2 weeks any how n it was free. Running v5 now but… : i’m still getting all these DCOM attacks ??? Whats up with that
With over 100 million avast 4.8 users there is a rolling update notification to balance server load, so that is most likely you haven’t had your notification.
I would suggest you hold off on tweaking until you get a better understanding of how avast5 works and what the impact of any tweak might be as there is no ‘Restore Default Setting’ button.
So why dump SAS and what is wrong with free you have been using the free version of avast for how long ;D
The DCOM attacks are external and random not targeted, they should be blocked by your firewall (avast is acting as a fall back here), what is your firewall ?
ooops too late :o Where was that “Retore Default Setting” button again ??? I’m sure i’m safe but i’ve slowed my laptop to a crawl lol it’s scaning everything for everything as i’ve tweekrd the sh*t out of it
Dumping SAS is only tempory. What i mant was no harm done as i can just download and install it again.
My firewall is “COMODO W D+”
Again i’m getting LOTS DCOM attacks that avast is blocking which is good by why is my COMODO Firewall not blocking it ???
Do these DCOM attacks mean SOMEONE is trying to hack into my computer ???
lol I just downloaded v5 am now tweeking settings