Threats or No threats?

Avast Free Antivirus / Premium Security
1

Hi. Been using Avast for ever, now on version 6.0.1367. Today my routine scan threw up two threats as attachment 1.

Clicking “Apply” to move to chest did nothing.

Avast’s help says memory threats can be signatures detected from other anti-malware software. My heuristics for the daily scan is set to “Normal” as attachment 2.

I ran a few other scanners with no results, re-tried Avast, and now had four threats. See attachment 3.

Given the processes are either Avast or SUPERAntiSpyware, am I infected or is Avast barking up the wrong tree? Hitting “Apply” does nothing for the four, same as for the two.

I’m afraid to be here right now… :frowning:

2

Seems like avast! is detecting in-memory signatures of superantispyware. Not sure about the avast! processes involved. I’d ay it’s false positive somehow.

3
Hitting "Apply" does nothing for the four, same as for the two.
bc they are not file but process....cant move a process to the chest ;)

so…did you do a custom scan and selected “Scan memory” ?
if you did…DO NOT use the “scan memory” setting as this will give some strange scan results…the forum is full of cases if you search
usually it is signatures loaded in memory from other security programs installed that is detected

i recomend using the default quick / full scan with default settings…dont change the scan settings if you do not know the result…
the avast team have played with malware 24/7 for 20years so they know what is working best

4

It isn’t a process, but a memory block placed there by a process (which is named).

The memory block not being a physical file can’t be sent to the chest.

5

Erm, appears I do have a custom set scan to include memory. I’ll give myself a severe thrashing.

Still, I’ve learnt a bit more about my stupidity. ::slight_smile:

6

what is your VPS?

7

The stupid thing would have been not to report it and wonder.

Looks like lukas is interested in the detections of the avast elements (avastui.exe most likely) ;D

8

Sorry about delay, lukas.

Engine and defs are version 120209-3. I auto-update by the default 240 minutes and sometimes manually in between just for luck.

I have two subfolders full of goodies in C:\Program Files\AVAST Software\Avast\defs\

12020701 and 12020903

Ran a boot scan and a regular full system scan and Avast seems happy now. :smiley: