Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: mergerly on October 13, 2009, 08:49:31 AM

Title: Avast 4.8 says GGSafe.sys are Suspicious File
Post by: mergerly on October 13, 2009, 08:49:31 AM

GGSafe is antivirus protection. The Web is http://www.ggsafe.com. Avast 4.8 says GGSafe.sys are Suspicious File.
The Tip is "A suspicious file has been detected (using a heuristic method). This may be a sign of malware infection.
Please allow the file to be submitted to our virus lab for analysis. Type:hidden services". The Picture Follow.
(http://bbs.ggsafe.com/download/Virus.bmp)

I have submitted file. And i hope fix it as soon as possible. Any question email me please.
My Email:haoyuanli@ztgame.com

Title: Re: Avast 4.8 says GGSafe.sys are Suspicious File
Post by: DavidR on October 13, 2009, 04:16:39 PM

If GGSafe is another anti-virus, then its act of hiding is the problem.

Having two resident scanners installed is not recommended as rather than provide twice the protection it can cause conflicts that could leave you more vulnerable. So you could be seeing one of the issues of having two resident AVs.

Title: Re: Avast 4.8 says GGSafe.sys are Suspicious File
Post by: mergerly on October 14, 2009, 06:41:56 AM

GGSafe isn't anti-virus, and there isn't cause conflicts GGSafe and Avast. So, Avast shouldn't report GGSafe.sys is Suspicious File. I suggest that avast ignore this report.

Title: Re: Avast 4.8 says GGSafe.sys are Suspicious File
Post by: YoKenny on October 14, 2009, 12:16:14 PM

Malwarebytes' Anti-Malware (MBAM) reports malware on 222.73.110.194 hxxp://bbs.ggsafe.com
http://hosts-file.net/?s=222.73.110.194&view=matches <== response time slow

Title: Re: Avast 4.8 says GGSafe.sys are Suspicious File
Post by: nmb on October 14, 2009, 12:44:43 PM

WOT doesn't have any rating for it. If WOT has not yet rated it yet, then I wouldn't believe the site or the product hosted there.

nmb

Title: Re: Avast 4.8 says GGSafe.sys are Suspicious File
Post by: DavidR on October 14, 2009, 03:11:16 PM

Quote from: mergerly on October 14, 2009, 06:41:56 AM

GGSafe isn't anti-virus, and there isn't cause conflicts GGSafe and Avast. So, Avast shouldn't report GGSafe.sys is Suspicious File. I suggest that avast ignore this report.

I got that impression from a couple of google hits, but it wasn't easy to find information not in Chinese - Notice I started the comment with 'If' as the search wasn't conclusive.

So if it isn't an anti-virus, then I would have to ask a) what exactly is it and b) why it is necessary to hide the service; which is what avast is finding 'suspicious.' ?

This however isn't a conclusive detection but a suspicion based on heuristic detection method in the anti-rootkit scan.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner (http://www.virustotal.com/) and report the findings here the URL in the Address bar of the VT results page.