Sign in to follow this  
footloose

Two Security Softwares "Disabled"

Recommended Posts

Hi from a Newbie !!

Yesterday morning - it appears I may have been hit by a "drive-by" Malware. Not sure. Advertizing windows kept popping up as I closed the previous one down. I finally used Sone Alarm's Internet Lock to stop the nuisance. After closing everything & rebooting - all was OK until the evening, when I decided to reboot (to refresh the PC). Not this PC. Another one of mine - XP Pro SP3.

Upon rebooting - Windows told me that AVIRA Personal's Guard was disabled - and Ad-Aware's "Ad-Watch Live" required a reboot to finalize the installation of Ad-Watch Live. I've rebooted several times - to no avail. I even tried to d'load & install a newer version of Ad-Aware (8.3.0). Same thing - AdAware wanted a reboot, to finalize the installation of Ad-Watch Live.

Without uninstalling AVIRA Personal - I tried to re-install it "over the top". On completion of unpacking the files [from its setup file] - a message window appeared, saying something to the affect that it needed at least Windows 2000 with SP4, etc. Hey !! I have XP Pro SP3 !! What's going on ????

Having run several scans over night & today - nothing found anything. Then - I ran an MBAM scan. It found [color="#FF0000"]Trojan.FakeAlert.H[/color][b][/b] in one Registry entry & in one file. I quarantined these 2 detections.

All settings in Control Panel|Administrative Tools|Services are set correctly (as per all blogs I've read on this LS Forum). Yet - AA keeps telling me that it needs to reboot the PC to finalize . . . . Ad-Watch Live.

Other Security software I run include :-
SpyBot S&D, MBAM, ZA Free, Advanced System Care, IS 360, AVIRA Personal, SAS and Trend Micro's RU Botted.

It is only AVIRA and Ad-Aware that I'm experiencing troubles with.

Does anyone have any clues as to what I might do ??
All Security software is successfully updating their Definitions (it appears).

Perhaps this isn't an Ad-Aware issue. Perhaps it's an AVIRA issue - or a Zone Alarm issue. I'm not "pointing the finger". :) I'm just looking for assistance from some kind person/s.

Thanks for any help.
Kind regards - Footloose

Share this post


Link to post
Share on other sites
Most likely the infection is interfering with the security software. Best thing you can do is follow the instructions in my signature for posting in the HijackThis forum where somebody will help you diagnose/remove any malware. Then you can try it again with Avira and Ad-Aware.

Share this post


Link to post
Share on other sites
woah! I'm sorta surprised in one way that you got infected, you have like a army on your PC with all those programs, but on the other hand your typical signature based security solution isn't quite powerful enough for this day n age of malware as there are far too many malware for AV vendors too keep up with, that's why sandboxing and having some sort of HIP's ( host intrusion protection ) software is needed.

Goodluck

Computer Wizard Edited by Computer wizard

Share this post


Link to post
Share on other sites
[quote name='visitor' post='121303' date='Jul 18 2010, 09:03 PM']Most likely the infection is interfering with the security software. Best thing you can do is follow the instructions in my signature for posting in the HijackThis forum where somebody will help you diagnose/remove any malware. Then you can try it again with Avira and Ad-Aware.[/quote]

Thanks Visitor & Computer Wizard,

V - I will post my log in the HJT Forum. I'm actually using the "damaged" PC to write this. Have just performed all security "definition" updates - and they all appear to been successful.

CW - Are you able to make any suggestions (within the rules of this Forum) as to what software I should be using for the Sandboxing and HIP stuff ?? Perhaps PM me ??

I don't think this PC is "infected" any more. I think it may simply be suffering damage of the drive-by attack.
Last time this TYPE of thing happened to one of my PC's - it turned out to be the PSU in the process of failing completely. That PC was doing some very strange things (not remembering configurations, etc). Had the PSU checked. Came up OK. The very next day - it failed !!!! Took with it - the M'board, 2 HDD's, 1 stick of RAM, and a lot of genealogy data !!!!

I don't think it's a Hardware problem this time.

Before posting to the HJT Forum - I'll reboot, to see if the updated Definitions have 'done anything' (had a 'miraculous' effect).

Thanks again for your help.
Cheers - Footloose

Share this post


Link to post
Share on other sites
Now that you've posted in HJT:

[url="http://www.lavasoftsupport.com/index.php?showtopic=29671"]http://www.lavasoftsupport.com/index.php?showtopic=29671[/url]

I'll close this topic for now. If this needs to be reopened after HJT, PM me or any moderator.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this