From: Dustin Cook on
"gufus" <stop.nospam.gbbsg(a)shaw.ca> wrote in news:UDLtn.113964$Ye4.59591
@newsfe11.iad:

> Hello, The!
>
> You wrote on Sat, 3 Apr 2010 07:49:11 -0700:
>
> | Avast is an antivirus application not an antimalware application. That
> | said the latest version is 5 do you have that version, mine detects it.
>
> Yep... to be safe, people /need/ both. I use MS Defender @ Avira.
>
> Good coverage IMHO

You don't need or want the stolen cobbled script of junk Chris panders
here. He's already got one sucker (BD), don't become his next one.


--
"Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge
this boulder right down a cliff." - Goblin Warrior

From: gufus on
Hello, Dustin!

You wrote on Sat, 03 Apr 2010 18:57:10 GMT:

DC> You don't need or want the stolen cobbled script of junk Chris panders
DC> here. He's already got one sucker (BD), don't become his next one.

Ah...

--
With best regards, gufus. E-mail: stop.nospam.gbbsg(a)shaw.ca


From: David Kaye on
"FromTheRafters" <erratic(a)nomail.afraid.org> wrote:

>
>Were you running as administrator at the time of the "attack"?

Running XP Pro with a default user with admin privileges.

>It is possible, while browsing to a legitimate site, to get redirected
>to a site that launches several browser exploits aimed at executing a
>rogue application on your machine.

Using OpenDNS as the DNS. Using Windows Firewall and Avast. I checked
filedates in various directories and didn't see much other than ave.exe and
its entries in the registry. It was actually fairly simple to get rid of,
having dealt with it before on customer machines.

>(server-side) to avoid detection by your antimalware component. Similar
>to the way a virus can be self-polymorphic - a downloaded program file
>can take many forms.

What's eating me is that the program launched with a window that was clearly
detectable in Task Manager as ave.exe, and yet while Avast was running it
simply didn't see the program.

After rolling back the registry 5 days manually (booting up with BART-PE) I
then ran XP in regular mode and scanned with MalwareBytes. MB immediately saw
it. (I'm using the freebie MB, so it does no realtime scanning). Avast
still didn't see it even after I ran the drive scan option. And I have the
latest Avast update.



From: David Kaye on
"The Real Truth MVP" <trt(a)void.com> wrote:

>Avast is an antivirus application not an antimalware application. That said
>the latest version is 5 do you have that version, mine detects it.

Avast is an anti-malware app. It is extremely good otherwise at detecting
problems. To say that it is solely anti-virus indicates that you don't know
what a virus is.

From: gufus on
Hello, David!

You wrote on Sat, 03 Apr 2010 20:48:23 GMT:

DK>
>> Avast is an antivirus application not an antimalware application. That
>> said the latest version is 5 do you have that version, mine detects it.
DK>
DK> Avast is an anti-malware app. It is extremely good otherwise at
DK> detecting problems. To say that it is solely anti-virus indicates that
DK> you don't know what a virus is.

Hehehe...

--
With best regards, gufus. E-mail: stop.nospam.gbbsg(a)shaw.ca