Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avast found 17 threats how can I remove them?


  • Please log in to reply
5 replies to this topic

#1 ImperialAgent

ImperialAgent

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:24 PM

Posted 24 August 2011 - 02:00 AM

I want a 100% clean system and want verification if the threats detected by Avast Free Antivirus 6 are harmful or not. I performed a custom scan and included the following All harddisks,System drive,CD-ROM and DVD drives,Memory,Auto-start programs (all users)Note:I have only one user on this laptop myself. The last thing I had it scan for was(potentially unwanted programs). When this scan finished the following 17 threats were detected. Screenshot of scan log, sorry not great quality but readable I think.

If you could interpret if these process threats are real I would greatly appreciate this. Avast will not allow me to move these to chest or delete them. So I need your help I downloaded combofix but don't want to do the wrong thing and mess up my laptop because it seems to be working very well. I use Advanced SystemCare 4, CCleaner, Hitman Pro 3.5 Note: I ran default scan and NO THREATS were found at all. I have Spybot - Search & Destroy,Malwarebytes' Anti-Malware currently Pro version still on free trial. I have done A LOT of scans with many programs. I use COMODO Firewall maximum protection to go with my chosen Antivirus as previously stated. Avast Free Antivirus 6 with current updated engine and virus definitions. If you need any further info to resolve my issue please post and I can provide it thank you for reading this, and for any help I receive. I included my system spec below in case you need it.

System Specs
Windows 7 Home Premium 64-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_gdr.110622-1506)
Language: English (Regional Setting: English)
System Manufacturer: ASUSTeK Computer Inc.
System Model: G73Jh
BIOS: BIOS Date: 10/30/09 15:13:23 Ver: 08.00.10
Processor: Intel® Core™ i7 CPU Q 720 @ 1.60GHz (8 CPUs), ~1.6GHz
Memory: 8192MB RAM
Available OS Memory: 8116MB RAM
Page File: 3402MB used, 12829MB available
Windows Dir: C:\Windows
DirectX Version: DirectX 11

Edited by ImperialAgent, 24 August 2011 - 02:37 PM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,437 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:24 PM

Posted 24 August 2011 - 10:41 AM

The last thing I had it scan for was(potentially unwanted programs). When this scan finished the following 17 threats were detected.

If these detections only appeared when doing that, please be aware that a Potentially Unwanted Program (PUP) is a very broad threat category which can include any number of different programs to include those which are benign as well as malicious. They may also be defined somewhat differently by various security vendors.Some programs falling into the PUP category have legitimate uses in contexts where an authorized user or administrator has knowingly installed it. When flagged by an anti-virus or security scanner, it's because the program includes features, behavior or files (compressed, packed) that appear suspicious or which can potentially be used for malicious purposes. Compressed and packed files in particular are often flagged as suspicious by security software because they have difficulty reading what is inside them. Other legitimate files which may be obfuscated, encrypted or password protected in order to conceal itself so they do not allow access for scanning but often trigger alerts by anti-virus software.

These detections do not necessarily mean the file is malware or a bad program. It means it has the potential for being misused by others or that it was simply detected as suspicious or a threat due to the security program's heuristic analysis engine. Anti-virus scanners cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert you or even automatically remove them.

Since these detections do not necessarily mean the file is malware or a bad program, in some cases the detection may be a "false positive".


Did avast provide a specific file(s) name associated with the malware threat(s) detected? With the screenshot you posted I cannot read the full threat name and knowing that would also be helpful.

Each security vendor uses their own naming conventions to identify various types of malware so it's difficult to determine exactly what has been detected or the nature of the threat without knowing more information about the actually file(s) involved. Names with Generic or Patched are a very broad category. See Understanding virus names.
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#3 ImperialAgent

ImperialAgent
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:24 PM

Posted 24 August 2011 - 02:17 PM

Thank you for your post I now realize scanning for PUP could have been my mistake, and why Avast detected theses "threats". Just in case below are better screen shots showing the scan log in it's entirety.

Posted Image

Uploaded with ImageShack.us
Posted Image

Uploaded with ImageShack.us

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,437 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:24 PM

Posted 24 August 2011 - 02:43 PM

Process name: ACS or Agnitum Outpost Service or Atheros Configuration Service or ACU Configuration Service or Agnitum Client Service or Atheros-Konfigurationsdienst or 802.11 WLAN Configuration Service or Belkin Wireless Utility

What is acs.exe? Last year it was reported to avast and found to be a false positive.


mbamservice.exe is part of Malwarebytes Anti-Malware


The process Comodo Agent Service or COMODO Firewall Pro or COMODO Internet Security or cmdagent.exe belongs to the software Comodo Personal Firewall or Comodo Firewall or COMODO Firewall Pro or Comodo Agent Service or COMODO Internet Security or OpenOffice.org by COMODO or Comodo CA Limited.

What is cmdagent.exe?


If you suspect a file was falsely detected (a false positive) or appears suspicious, then you should submit a sample to the anti-virus's lab for analysis. Most anti-virus vendors have instructions for sample file submissions posted on their web sites. Once a file is received, a technician can examine it in more detail and provide a report letting you know the results.

If you've sent the virus to the ’Virus Chest’ , open the ’Virus Chest’, right-click on the entry for the virus, and select 'Email to AVAST Software'. Alternatively, you can send it in a password-protected zip file to [email protected] making sure the password is included in the body of the email.

avast FAQ: How can I submit a new virus to avast?
Submitting files from the Virus Chest to avast! Virus Lab
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#5 ImperialAgent

ImperialAgent
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:24 PM

Posted 24 August 2011 - 04:07 PM

Okay, thank you for the clarification and quick reply. I will submit the false positives to Avast. You have been most helpful, If you wish you can close the thread thanks again.

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,437 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:24 PM

Posted 24 August 2011 - 04:16 PM

You're welcome.

Let us know what avast has to say about the files.
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users