When ever I try to post to this forum I get this.

It seems that Avast is trying to do something when I try and post that SD doesn't like

The above popup says its prevented "adware.adsponsor" when I look at the details it says Adware.adsponsor and the infection:
c"\winnt\temp\Avast\ and a file # *.temp.
If I do a complete scan nothing shows up????????

Cut and paste:
3/29/2009 1:03:19 PM:849
IntelliGuard: System Event Blocked
Threat Name - Adware.Adsponsor
Details - Spyware Doctor has blocked an application attempting to access a file.
Risk Level - Low
Infection - C:\WINNT\TEMP\_AVAST4_\UNP67747078.TMP
3/29/2009 1:03:19 PM:869
IntelliGuard: System Event Blocked
Threat Name - Adware.Adsponsor
Details - Spyware Doctor has blocked an application attempting to access a file.
Risk Level - Low
Infection - C:\WINNT\TEMP\_AVAST4_\UNP67747078.TMP
3/29/2009 1:09:14 PM:208
Scan Started
Scan Type - Intelli-Scan
3/29/2009 1:21:03 PM:619
Scan Finished
Scan Type - Intelli-Scan
Items Processed - 179371
Threats Detected - 0
Infections Detected - 0
Infections Ignored - 0
3/29/2009 4:09:15 PM:911
IntelliGuard: System Event Blocked
Threat Name - Adware.Adsponsor
Details - Spyware Doctor has blocked an application attempting to access a file.
Risk Level - Low
Infection - C:\WINNT\TEMP\_AVAST4_\UNP151997384.TMP
3/29/2009 4:09:15 PM:951
IntelliGuard: System Event Blocked
Threat Name - Adware.Adsponsor
Details - Spyware Doctor has blocked an application attempting to access a file.
Risk Level - Low
Infection - C:\WINNT\TEMP\_AVAST4_\UNP151997384.TMP

Testing to see if I can send

With SD blocking this action if I try to post I keep getting the message "waiting for pctools and the hour glass just keeps on spinning. If I get out of the forum and go back the message was actually posted. If I disable Avast the posts go through normally.

With SD blocking this action if I try to post I keep getting the message "waiting for pctools and the hour glass just keeps on spinning. If I get out of the forum and go back the message was actually posted. If I disable Avast the posts go through normally.

I installed Avast v4.8 with SD and could not recreate the problem. Is it possible to zip up and attach the file that SD is detecting?

The Avast temp folder is still there but the temp files are gone. Let's see if I can post this message.
One question though Anthony. Why would SD have a popup saying that a potential threat was blocked but upon doing a complete scan nothing shows up. System is completely clean.

This is new. I have an idea what it is. Avast started having a popup and there splash screen has changed with Blah, Blah' blah about being prepared for April 1st with redirection for more info. For some reason the only time I get the SD popup is when I try to post here. let's see what happens after April 1st.

Let me see what happens now.

The files are not there but I get the warning. Only when I try to post to this site!!!!!

The post still gets posted. The screen just never goes back. This time I allowed it. let's see.

Goes right thru but I now get a warning that a threat has been allowed by SD. I have no other symptoms to tell about.

Just checking today.

Just checking once again.

Check after reinstall of Avast

That fixed it. Avast must have been corrupt in some way.

Well it's happening again so I at a loss. I look in the history and it references a temp file that doesn't exist in: winnt\temp\avast\ *.tmp.

I wonder if this works

Yes it does. I told Avast Web Shield to not scan www.pctools.com and that stopped it. So Anthony what do you think is up? Would I be better to let Avast WebShield scan WWW.pctools.com & tell SD to allow Avast to scan?

I told SD to allow, in the global action list, Avast resisdentwebshield.dll

That didn't work.

The only thing that works is to put the exclusion in Avast as mentioned above. Don't know what this means.:confused:

SD appears to take exception on the way Avast scans the PC Tools website. It should be safe to allow both in SD and Avast or since allowing in Avast is working then you may want to leave it at that.

Thanks Anthony,
I also have an inquiry into Avast. Something changed recently at Avast .Why just the PC Tools site? Here's there response if it makes sense to you. Doesn't to me. Things like this make me a little uncomfortable.
Hello John!

Thank you for contacting ALWIL Software company with your concerns.

My name is Michal and I am happy to assist you today.

SD is detecting the viruses in avast's temporary, working files that avast! scans. There's nothing to fix, you just shouldn't use more than one antivirus on your computer, as it can cause even worse problems and, in fact, it leads to less security.

So what must be happening is this;
1. When I post Avast scans the post
2. Avast doesn't like what it sees
3. Avast tries somesort of corrective action
4. SD doesn't like this action & blocks

So I think it all boils down to: What is being generated when I hit the post button that Avast doesn't like?
Is anyone else reporting this?

and once again!!!!

Prior to this post, there were 26 posts in this thread of which 25 were yours.
Perhaps Avast was just complaining that you were working it too hard.

Well Anthony I give up. Forgive me but I even ran Malwarebytes scan & everything is clean. The Avast folks say it's a false positive from SD. At this point i'll just have Avast not scan this forum. BTW I got the same popup from SD when I tried to log into the Avast forum.

Prior to this post, there were 26 posts in this thread of which 25 were yours.
Perhaps Avast was just complaining that you were working it too hard.

I do hope you are kidding. The only way I can check things I try is to try and post.

> I do hope you are kidding.

I was. It's all in the title of this thread.

What did avast mean when they said "SD is detecting the viruses in avast's temporary, working files that avast! scans."

Is that only true if avast _finds_ viruses during a scan?

I have no idea what they meant and they haven't replied back.Doubt they will.

testing avast - sd problem

And your conclusion?

Still trying to figure this out.

One last shot in the dark.

Well I'll be dang!! Guess what else updated about the time I had the problem? Firefox! I'm posting this from IE with all of the exclusions removed from Avast and ther's no problem. I'll revert back to the other version of Firefox and see what happens

Firefox 3.0.7 instead of 3.0.8

That was it!!

Test of a fresh install of Firefox 3.0.8 not auto update.

Nope. Firefox 3.0.8 is definetly at issue here. Back to 3.0.7. Not even going to report to them as their about to release v 3.1.0

now 3.0.7 is doing it. I GIVE UP:mad:

Something changed. Not sure if it's me or the forum. Each time I would post it made me sign in. Now it doesn't as I am signed in and I've been able to post without issue. This will probably make a liar out of me but let's see.

So far so good.

Well it's doing it again.

Logfile of HijackThis v1.99.1
Scan saved at 8:12:34 AM, on 4/14/2009
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet _state.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINNT\system32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\dmadmin.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINNT\GWHotKey.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Belkin\F5D9010\Belkinwcui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\DeskPins\DeskPins.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Mozilla Firefox 3.1 Beta 3\firefox.exe
C:\WINNT\system32\svchost.exe
C:\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [Multi-function Keyboard] GWHotKey.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [oleaut32.dll] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [F5D9010] C:\Program Files\Belkin\F5D9010\Belkinwcui.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - Startup: DeskPins.lnk = C:\Program Files\DeskPins\DeskPins.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\microsoft office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229541542553
O17 - HKLM\System\CCS\Services\Tcpip\..\{2E36C00D-91AB-4BD8-8A5F-76AC34440C65}: NameServer = 209.244.0.3 209.244.0.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{2E36C00D-91AB-4BD8-8A5F-76AC34440C65}: NameServer = 209.244.0.3 209.244.0.4
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe

I'm still just testing

I really think I have my problem solved. I'll post in a couple of days when I'm 100% sure.

Well I completely reformated my computer, upgraded from Win2K to XP and it still does it. To weird!:eek: