infected files with Avast scan

The place for all kinds of software for all kinds of operating systems.

Moderator: Dposcorp

infected files with Avast scan

Postposted on Tue Feb 07, 2012 3:01 pm

Hi All, I'm running an Econobox version with W7HP and ran a full scan using the free version of Avast anti virus the other day. Normally I just run the quick scan option, but as I was going out for a couple of hours I thought I'd run the full option. Anyway, I find on the report two infected files, so I look them up and lo! ccleaner.exe - win32 malware-gen and mbamservice.exe - win32: trojan-gen. Now am I being too cynical here but the files are in the two other security programs? Both are the free versions. So far I've ignored this, but has anybody else come across this before? Needless to say the PC is running perfectly. Any advice gratefully received Thanks John
johnfrance
Gerbil
 
Posts: 33
Joined: Wed Apr 16, 2008 5:20 am

Re: infected files with Avast scan

Postposted on Tue Feb 07, 2012 3:39 pm

Petty common for AV vendors to FP on other tools. Submit them to Virus total and see what the automated report says... if the big three detect them as a threat i'd snuff the tools. (Trend,Mcafee,symantec)

https://www.virustotal.com/

Regards...
Cybert said: Capitlization and periods are hard for you, aren't they? I've given over $100 to techforums. I should have you banned for my money.
maxxcool
Gerbil Elite
Silver subscriber
 
 
Posts: 643
Joined: Thu Sep 12, 2002 8:40 am
Location: %^&*%$$

Re: infected files with Avast scan

Postposted on Tue Feb 07, 2012 3:53 pm

maxxcool wrote:Petty common for AV vendors to FP on other tools. Submit them to Virus total and see what the automated report says... if the big three detect them as a threat i'd snuff the tools. (Trend,Mcafee,symantec)

https://www.virustotal.com/

Regards...


^ what he said :).

Its not 100% uncommon for a virus to attach itself to anti-spyware and anti-virus software to disable them. But its very unlikely if you don't find the virus elsewhere and Avast is good and all, but I've found it to be over zealous sometimes. I've got W7 systems running paid Business protection and Professional versions on system that have both CCleaner and Malewarebytes, no detections. That is running the most updated software and definition of Avast as well. The other possibility is that those tools have some line of code in them that could be perceived as having too much power to modify system settings, like Registry changes (CCleaner).

Does the report list a specific Virus attached to those files, a named virus? My honest recommendation would be to make sure Avast is 100% up to date of course, and then tell it to do a boot time scan. Scanning the system while its running is only good to a certain extent. If you really want to attempt to catch things that may reside on your system, run the Boot-Time scan on.

The only reason you may have received false detections (if they are false) is if you somehow turned Heuristic detection up. This will make it recognize all sorts of code as possibly being malicious. Unless your trying to track down a nasty bug that your sure is running, leave the Heuristic set at 3/4 like it is by default.
"I think there is a world market for maybe five computers."
Thomas Watson, chairman of IBM, 1943

i5-2500K|Asus P67 Sabertooth|16GB Corsair 1600|MSI 7850 2GB|250gb Evo 840|Corsair 400R|ET750w PSU|Logitech G5|Dell 2420L|Corsair Vengeance 1300
Welch
Minister of Gerbil Affairs
Gold subscriber
 
 
Posts: 2617
Joined: Thu Nov 04, 2004 5:45 pm
Location: Fairbanks, Alaska

Re: infected files with Avast scan

Postposted on Tue Feb 07, 2012 6:59 pm

False positives are always a possibility. On F-Secure I know there is several installers that unfortunately use an algoritm for some of the stuff that is also used for packing malicious code. I think they eventually got it corrected or redid their software packeging strategy.
Aphasia
Grand Gerbil Poohbah
 
Posts: 3402
Joined: Tue Jan 01, 2002 7:00 pm
Location: Solna/Sweden


Return to General Software

Who is online

Users browsing this forum: No registered users and 3 guests