Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avg-Secure -Search-Update_1114av.exe has appeared in task manager


  • Please log in to reply
12 replies to this topic

#1 rp88

rp88

  • Members
  • 2,980 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:47 AM

Posted 06 November 2014 - 01:14 PM

Since about 5 minutes after going online today two copies of this process have appeared in task manager. I've had it happen before and i had some severe trouble with my computer a while later. The file is digitally signed by avg and it lurks somewhere within c:\users\myusername\appdata\roaming . there is also another copy of it within c\:programdata\ this second copy is the one which is mentioend in shceduled tasks, the first copy is the one which is running right now and set for startup. It also made two scheduled tasks (as seen through ccleaner's list of startups and scheduled tasks) one which runs it at startup, one which delete it from the system but that second one isn't set to run until 6th december. I don't think it's malicious but it is certainly weird, and when it first started (about five minutes after logging on and connecting to the internet via ethernet cable) i was checking my emails via google chrome (i use chrome to visit gmail and bbc sites, firefox for all other browsing) and the coloured border round the browser flickered and flashed a bit. It was the flickering and flashing that made me think "better check task manager" and hence i saw these two processes had popped up. It's a bit weird and i would like some advice on whether i should be concerned, the flashing and flickering creeped me out a little but i know this file is digitally signed and i have seen it happen before (i did several rounds of system restoring and reinstalling of programs between then and now). My system is windows 8 64 bit, my main antivirus is avg free(2015 version), mbam is my secondary scanner but i use a couple of other scanners too (i'm running them all now to make sure nothing is wrong, i'm pretty sure they'll all come up clean),i use chrome for some browsing, but firefox with noscript and adblock plus for most of my browsing. I have never conciously installed any of avg's other tools except for the main antivirus, avg secure search extension is NOT installed in either chrome or firefox.
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,265 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:47 PM

Posted 06 November 2014 - 04:47 PM

AVG Security Toolbar and AVG Secure Search (created by the makers of AVG Anti-virus) are optional add-ons when installing their anti-virus product if you choose "Customized" install instead of "Express". Since most folks choose an Express install they usually are not aware these options are also being installed as they are pre-checked by default during installation. Some users have also reported that after AVG auto-updates, it will install the toolbar as a browser add-on without input from the user.

AVG Security Toolbar and AVG Secure Search are also commonly bundled as an option with other free software users may download and install. Many folks overlook that option since it is pre-checked by default and they unknowingly install it. For example, the toolbar is bundled with PDFCreator.

So even if you decline the option to use these add-ons when installing AVG anti-virus, you may still end up finding them on your system some point after an AVG update or by unknowingly downloading and installing another program where they have been bundled. This also explains how those who never used AVG anti-virus also sometimes find AVG Secure Search and the Security Toolbar installed. Be careful what you download and read everything during the installation.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 rp88

rp88
  • Topic Starter

  • Members
  • 2,980 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:47 AM

Posted 06 November 2014 - 06:52 PM

I am sure i went through the full custom install route when i installed avg on this machine in early october (in late september i wiped everything except for personal files back to the state that the system was in when brand new, i then reinstalled all programs including avg at that point. this computer has, effectively, no history before 30th september 2014). What's more this pair of exe files didn't show up until today, they suddenly appeared when i looked in task manager early after logging on today(i looked in it because i saw some funny flashing and momentary slowing from google chrome and wondered what it was, it must have been caused by avg using more than the usual amount of memory during the install and activation of these things) , they were not in task manager (or on my system at all) on the 5th november, i connect to the internet on the 6th november and suddenly two of the things are running. I have been fortunate that the avg extension/plugin has not made it's way into any of my browsers (well it might in IE but i nevr use that one so haven't checked it)it's just running as a process. I haven't done any installing of new software since 30th september (ish) so it didn't come with anything i installed recently, avg must have "self-activated" this thing and downloaded it itself when i connected to the internet today at 1800 hours uk time(ish). The process is not exactly a memory/cpu hog, it barely uses anything of my system's resourcees but it seems weird to have it there, furthermore as it doesn't seem to actually do anything i don't know why avg would want it to be running. I'll post again tomorrow and describe whether there have been any further weird events with this.

p.s. i don't think this thread needed shifting into "am i infected" forum. I knew this wasn't a virus because it had happened before (before the full reinstall that is) to me, and the files are all digitally signed by avg, i just consider it a strange thing for my antivirus (and the company that makes my antivirus) to be doing. I just find it the existence of this process a bit confusing and slightly worrying, as opposed to actively malicious, dangerous, suspicious and evil.

Edited by rp88, 06 November 2014 - 06:56 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,265 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:47 PM

Posted 06 November 2014 - 07:15 PM

As I said even if you chose not to install AVG Secure Search, you may still end up finding them on your system some point after an AVG update or by unknowingly downloading and installing another program where they have been bundled.

If it came bundled...other crap may have been installed as well.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 rp88

rp88
  • Topic Starter

  • Members
  • 2,980 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:47 AM

Posted 07 November 2014 - 01:23 PM

It's still here today. It hasn't done anything, it just sits their as a task running in the background feeling out of place. I gave the computer several scans (mbam, eset online scanner, avg, kaspersky virus removal tool, security check, rkill, mbar) and it's all clean so i'm confident this is just harmless weirdness. I still don't get why avg has done it though, i can't see what it gains them. I can't see any other crap installed, it came with avg recently, not with any other program(i haven't installed anything new for ,many, many weeks) into which this exe file was bundled.
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,265 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:47 PM

Posted 07 November 2014 - 02:07 PM

You can always ask AVG why...but they are essentially doing this to increase revenue and make money. Just another reason to add to my list of issues with AVG.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 rp88

rp88
  • Topic Starter

  • Members
  • 2,980 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:47 AM

Posted 07 November 2014 - 04:25 PM

I still think the difficulty of changing antiviruses outweighs the potential gains. There are only about 3 free antiviruses in existence (avg, avast and one other whose name i don't remember) and avg is still pretty high on test scores.
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,265 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:47 PM

Posted 07 November 2014 - 04:57 PM

Free Anti-virus programs: (choose and install only one)


Other Free Alternatives:

 


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 rp88

rp88
  • Topic Starter

  • Members
  • 2,980 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:47 AM

Posted 07 November 2014 - 05:02 PM

Ok so there are four to choose from then, i wouldn't call microsoft's one an antivirus as it is fitted into windows 8 already and is the base line that everything else is compared against.


Thanks for your answers/advice/inputs here.

Edited by rp88, 07 November 2014 - 05:02 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,265 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:47 PM

Posted 07 November 2014 - 05:33 PM

Actually Windows 8 (and Windows RT) integrates Windows Defender (and uses that name) for its anti-virus and anti-malware protection. Windows Defender in Windows 8 provides the same level of protection against malware as Microsoft Security Essentials (MSE) and uses the same daily virus definition updates. Therefore, you cannot use Microsoft Security Essentials with Windows 8...in fact MSE is blocked from installation.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 rp88

rp88
  • Topic Starter

  • Members
  • 2,980 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:47 AM

Posted 02 January 2015 - 01:23 PM

This litttle b*****d of a process has been back since early december and I've finally worked out what it is doing. It's made a folder within C:\Users\(my user name)\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ where it saves silly little html files called "Dynamic Campaign" with a random selection of letters after them. It makes tens of these every day. Looking at the html file with notepad i found that the html file looked like the design of a webpage offering installation of the toolbar, I didn't open the html files in the browser, just looked at them with notepad text editor.


I've never seen these html pages appear anywhere within my browser, but it looks like the process is trying to show them to me tens of times every day.

The html files include phrases like "set and protect secure search as my default search provider and homepage" with html coding that looks like a yes/no option box after it, if anyone does install this toolbar it looks like it will make itself quite hard to get rid of. The html files also contain links to (i wouldn't follow this URL if were you) a page

hxxp://download-webtuneup.avg.com/partners/wtu/(number removed as it might be an individual identifier to me)/download/avgwebtuneup.exe

which from the formatting of the html file looks like it is being offered. Another thing i noticed was a list in the HTML file desribing my system, things like which browsers I run, which versions of them, which AVG version I have, what my OS is, and an individual identifier for my machine. The html file also contains things that look like options to "remind me again" but it seems like it is reasonable enough to have an option of "never" on that list. I can't read html very well, especially as it has some javascript involved, but could pick out enough information from it to make the observations I have noted above.

I could very easily kill the weird processes and use CCleaner to disable them from starting BUT I'm concerened this might cause problems for my antivirus (which is AVG free) as I suspect that this process might be somehow linked to the antivirus as it is from the same company.

I could also switch to AVAST or the free bitdefender antivirus but I have AVG seemingly working at the moment so I'm not sure if I want to risk changing something that is working for something that might not install properly or could suffer other problems, I ahve known people to have problems with all sorts of little things when they change from one antivirus to a new one.

Edited by rp88, 02 January 2015 - 01:24 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,265 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:47 PM

Posted 02 January 2015 - 03:50 PM

As I noted before, some users have reported the reinstallation of AVG Secure Search and/or AVG Security Toolbar after an AVG update so that could explain what is happening. If you don't want to switch your anti-virus, then I recommend you contact AVG Support and see if they have a more permanent solution.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#13 Charlie_S

Charlie_S

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:47 PM

Posted 04 August 2016 - 12:47 PM

realizing this is a several month old thread, in my case i've fought the same issue on a w7 box, finally uninstalling free avg, running ccleaner to get rid of avg registry entries, manually searching the registry and deleting some stray avg entries and i still get the avg-safe-search-update_0816av.exe reference in task manager processes.  There is no sign of it as a browser add on, its a no show in add/remove programs, nothing shows in a file search and there is no reference to it in a registry search.

And to add, since a clean install i've downloaded no software other than AVG updates. Even the software was from a previously saved install file.


Edited by Charlie_S, 04 August 2016 - 12:52 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users