infected files with Avast scan

[johnfrance]

Hi All, I'm running an Econobox version with W7HP and ran a full scan using the free version of Avast anti virus the other day. Normally I just run the quick scan option, but as I was going out for a couple of hours I thought I'd run the full option. Anyway, I find on the report two infected files, so I look them up and lo! ccleaner.exe - win32 malware-gen and mbamservice.exe - win32: trojan-gen. Now am I being too cynical here but the files are in the two other security programs? Both are the free versions. So far I've ignored this, but has anybody else come across this before? Needless to say the PC is running perfectly. Any advice gratefully received Thanks John

[maxxcool]

Petty common for AV vendors to FP on other tools. Submit them to Virus total and see what the automated report says... if the big three detect them as a threat i'd snuff the tools. (Trend,Mcafee,symantec)

https://www.virustotal.com/

Regards...

[Welch]

Petty common for AV vendors to FP on other tools. Submit them to Virus total and see what the automated report says... if the big three detect them as a threat i'd snuff the tools. (Trend,Mcafee,symantec)

https://www.virustotal.com/

Regards...

^ what he said .

Its not 100% uncommon for a virus to attach itself to anti-spyware and anti-virus software to disable them. But its very unlikely if you don't find the virus elsewhere and Avast is good and all, but I've found it to be over zealous sometimes. I've got W7 systems running paid Business protection and Professional versions on system that have both CCleaner and Malewarebytes, no detections. That is running the most updated software and definition of Avast as well. The other possibility is that those tools have some line of code in them that could be perceived as having too much power to modify system settings, like Registry changes (CCleaner).

Does the report list a specific Virus attached to those files, a named virus? My honest recommendation would be to make sure Avast is 100% up to date of course, and then tell it to do a boot time scan. Scanning the system while its running is only good to a certain extent. If you really want to attempt to catch things that may reside on your system, run the Boot-Time scan on.

The only reason you may have received false detections (if they are false) is if you somehow turned Heuristic detection up. This will make it recognize all sorts of code as possibly being malicious. Unless your trying to track down a nasty bug that your sure is running, leave the Heuristic set at 3/4 like it is by default.

[Aphasia]

False positives are always a possibility. On F-Secure I know there is several installers that unfortunately use an algoritm for some of the stuff that is also used for packing malicious code. I think they eventually got it corrected or redid their software packeging strategy.