Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

avg blocked Microsoft communication Service


  • Please log in to reply
6 replies to this topic

#1 m@men

m@men

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:28 AM

Posted 18 February 2015 - 02:29 AM

after a full hard drive scan avg blocked the following

 

application:  Communication Service

file:               livecomm.exe

Company:  Microsoft corporation

Direction: outgoing

connection TCP

Remote adress:  65.55.68.104:443

 

 

my copies of windows os and antivirus have always been authentic.The previous laptop had win8.1 downloaded from dreamspark,installed by me  and never had this detection

 

the new laptop (2015) has win8.1 preinstalled by HP and to be honest with u ,without installing anything yet but the antivirus the harddrive never stops spinning .Searching the services that r running i have concluded that there are 2000 HP useless services that r running in the background

 

I dont know what to do with this file.....cause it belongs to the filesystem


Edited by hamluis, 18 February 2015 - 08:01 AM.
Moved from Win 8 to AV/AM Software - Hamluis.


BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:28 AM

Posted 18 February 2015 - 08:07 AM

Hi m@mem :)

If you think that AVG doesn't fit your needs as an Antivirus, you are always free to uninstall it and install another one. Personally, I find AVG to be quite invasive and also resources intensive compared to other Antivirus products. Plus the fact that they try to push you to install software when you use their Antivirus or when you try to uninstall it is just a pure shame and I hope that they feel bad about it. Anyway, I looked up the IP address to which the connection was going and it's a Hotmail server: snt407-m.hotmail.com, hence it's legitimate. I would either add an exception in AVG for that program, process or address to prevent it from being blocked in the future. Also, if you need help in setting up your new laptop, by uninstalling useless OEM bloatware or else, you can always open a thread in the All Other Applications forum and I'll help you go throught that.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,470 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:28 AM

Posted 18 February 2015 - 08:47 AM

Have you tried contacting AVG Support and asking them (report it)?
AVG Support Center
AVG Technical Support
AVG Support Community Forums
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 m@men

m@men
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:28 AM

Posted 18 February 2015 - 02:51 PM

thank u vm for the replies...i have set avg to accept the file....the strange thing is why did this happen in this copy of 8.1 and not @the previous one's?

 

malwarebytes premium didnt report anything.....



#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:28 AM

Posted 18 February 2015 - 02:53 PM

Every systems works in different ways m@men :) Sometimes two systems can be a perfect copy of each other, but one will have a certain issue and the other not. And millions of reasons could have caused this to happen. Maybe it was just a temporary false positive from AVG, it happens a lot.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,470 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:28 AM

Posted 18 February 2015 - 03:01 PM

....the strange thing is why did this happen in this copy of 8.1 and not @the previous one's?

That's a good reason to report it to AVG support. They need to be aware as others may encounter the same issue.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:28 AM

Posted 18 February 2015 - 03:15 PM

Now that you unblocked the file, can you upload it to www.virustotal.com and post the link here of the VirusTotal report?
This way I can have a look at the file.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users