Hi, after I opened the computer and logged in today Avast popped up that it detected a rootkit, but when I tried “Fix/repair/move to chest” it didn’t work and said that the request is not supported.
I subsequently scanned the file on its own with Avast and it came up clean, it was only when I conducted a general scan that it would detect the file as a virus. And again, originally Avast just popped up on its own that it found a rootkit without me doing any scan.
This behavior from Avast is quite strange, since Avast detects the file as malicious in one instance but not in another, and it doesn’t know how to deal with it.
Also keep in mind that Avast never found this file to be malicious before in any of my previous scans.
The executable file in question isn’t used, and its service wasn’t running at the time that Avast detected it.

Attached it a screenshot of Avast’s detection of the file, and it’s inability to deal with it.

Thank you in advance for whomever could help me with this!

Who is your ISP ?

Hi ehmen and Eddy,

It is either part of a legitimate program or the operating system itself. Removal is not needed.
Security Rating is an all green.
Here are some considerations: http://www.shouldiblockit.com/clearwiredevicediagnosticsservice.exe-c4ed9e7a82270ca1adb522a69ce50523.aspx
&
http://www.shouldiremoveit.com/CLEAR-Connection-Manager-6758-program.aspx
&
https://forums.malwarebytes.org/index.php?/topic/114975-trojandropperbcminer/
See also: http://www.computer-support.nl/Systeemtaken/taakinfo/57601/clearwiredevicediagnosticsservice.exe/

polonus

I know Polonus.
Clear was a ISP, it is now part of Sprint.
Hence why I asked who the ISP is.

Hi Eddy,

Know you knew, but that kind of avast detection is a preliminary one, as the executable is established as to be above board and to be trusted, it can be either allowed or excluded to run.
Also should be interesting to know what triggered that heuristic evo detection. What is your position on that?

Damian

detected as Supicious … Win32:Evo-Gen [susp] a on access detection only

Also should be interesting to know what triggered that heuristic evo detection. What is your position on that?

Hi Pondus,

Just as I thought from the outset, a minor issue. Like Eddy said not being used for a long time, so a “new” old file detection. And as Pondus remarks this is a kind of “unfamiliarity” detection on avast’s part. So in a sense we all (Eddy, Pondus and little old me) agree here and we have consensus.

Damian

So is it all of your opinions that the detection is a false-positive?
And why can’t it move the file to the chest if it thinks its a virus/rootkit?

Avast popped up with the Rootkit detection today again after I opened the computer, attached is the image of it.

What is the full path of that file?

The same as in the attachment of the original post above:
C:\Program Files\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe

Is there anyone that could help me with this?
Thank you!

Have you reported/sendt file to avast lab? https://support.avast.com

Okay, did it. Thank you.

Just wondering, why does it keep on asking me for my language preference every step of the way. I had to clicked English at least half a dozen times to get the whole thing done. Strange.

I’m I supposed to get a response from Avast?

Is it still detected?

I’m not sure, since I need to do a system scan to see.
If I just scan the file it won’t detect anything, just like I wrote in my original post right after the Avast pop up occurred.