Hello all,
Since two days, avast is detecting high severity virus, but does not give option to remove it.
Also, the virus is only detected during ‘Screensaver scan’ and not in any of the other type(not even boot time).
How do i remove this infection? Please help
Process 1524 [cmdagent.exe], memory block 0x0000000002E00000, block size 1867776 [L] Win32:FakeVimes-B [Trj] (0)
Process 1428 [ctfmon.exe], memory block 0x0000000000400000, block size 24576 (ctfmon.exe) [L] Win32:Trojan-gen (0)
Nothing to worry about. 
avast! detects unencrypted definitions of Comodo in memory.
You can ignore this or exclude the Comodo files in the screensaver scan.
omg, they are false positives? I had one more report too and i was able to move it to chest(so did not mention earlier).
C:\hp\bin\ProcessLogger.exe [L] Win32:PUP-gen [PUP] (0)
Is it false positive too?
Since two days, avast is detecting high severity virus, but does not give option to remove it.bc it is a process and not a file....cant move a process to the chest
Also, the virus is only detected during 'Screensaver scan' and not in any of the other type(not even boot time).bc you have selected "Scan Memory" in the screensaver scan settings.....do not use "scan memory" as it will give some strange scan results
wow! i always thought PUP was some kind of deep level scanning.
Thanks Asyn!
After restoring that file from chest, i found many other files lying there with the PUP(Potentially Unwanted Program) tag.
<OrigFileName>KillIt.exe</OrigFileName>
<OrigFolder>C:\hp\bin</OrigFolder>
<Comment/>
Win32:KillApp-W [PUP]
<Category>Vir</Category>
<OrigFileName>A0039775.exe</OrigFileName>
<OrigFolder>C:\System Volume Information\_restore{ DFSDF-DFGFG-4545-FG45-56565654646}\RP74</OrigFolder>
<Comment/>
Win32:PUP-gen [PUP]
<Category>Vir</Category>
<OrigFileName>A0039776.exe</OrigFileName>
<OrigFolder>C:\System Volume Information\_restore{ DFSDF-DFGFG-4545-FG45-56565654646}\RP74</OrigFolder>
<Comment/>
Win32:KillApp-W [PUP]
<Category>Vir</Category>
<OrigFileName>KillIt.exe</OrigFileName>
<OrigFolder>D:\HP\bin</OrigFolder>
<Comment/>
Win32:KillApp-W [PUP]
<Category>Vir</Category>
<OrigFileName>A0039777.exe</OrigFileName>
<OrigFolder>D:\System Volume Information\_restore{ DFSDF-DFGFG-4545-FG45-56565654646}\RP74</OrigFolder>
<Comment/>
Win32:PUP-gen [PUP]
<Category>Vir</Category>
<OrigFileName>A0039778.exe</OrigFileName>
<OrigFolder>D:\System Volume Information\_restore{ DFSDF-DFGFG-4545-FG45-56565654646}\RP74</OrigFolder>
<Comment/>
Win32:PUP-gen [PUP]
<Category>Vir</Category>
<OrigFileName>A0039779.exe</OrigFileName>
<OrigFolder>D:\System Volume Information\_restore{ DFSDF-DFGFG-4545-FG45-56565654646}\RP74</OrigFolder>
<Comment/>
Win32:KillApp-W [PUP]
<Category>Vir</Category>
These do not seem to be general files. So, dont know if restoring them will make something go wrong. Can anyone help me to figure out, if its ok to restore them or let it be
You’re welcome…!