Author Topic: Asus Armoury Crate downloading malware? (idp.alexa.51)  (Read 1876 times)

0 Members and 1 Guest are viewing this topic.

Offline r-visser

  • Newbie
  • *
  • Posts: 2
Asus Armoury Crate downloading malware? (idp.alexa.51)
« on: November 20, 2019, 03:27:50 PM »
I just build my new pc and installed all the software/drivers. The pc has an Asus motherboard that came with Armoury Crate software to download the latest drivers. While downloading the latest software for ASUS framework service, ASUS core SDK, AURA service, ASUS HAL Central etc. Avast popped up with a malware detection called idp.alexa.51

Can I assume this is a false positive ? I've read some bad stuff happening earlier this year about the Armoury Crate 'software' (rootkit-ish)

Offline r-visser

  • Newbie
  • *
  • Posts: 2
Re: Asus Armoury Crate downloading malware? (idp.alexa.51)
« Reply #1 on: November 20, 2019, 03:32:16 PM »
Detection log:

[2019-11-18 14:48:55.879] [info   ] [manager    ] [ 8708: 6540] Initialize mgr for id 'av'
[2019-11-18 22:27:28.753] [info   ] [manager    ] [10744:10748] Initialize mgr for id 'av'
[2019-11-19 17:30:42.607] [info   ] [manager    ] [10704:10708] Initialize mgr for id 'av'
[2019-11-19 21:36:54.729] [info   ] [manager    ] [11372: 8476] Initialize mgr for id 'av'
[2019-11-20 09:31:49.778] [info   ] [manager    ] [10788:13540] Initialize mgr for id 'av'
[2019-11-20 11:42:14.401] [info   ] [manager    ] [ 8812: 8796] Initialize mgr for id 'av'
[2019-11-20 11:44:27.610] [info   ] [manager    ] [10984:10988] Initialize mgr for id 'av'
[2019-11-20 11:47:18.449] [info   ] [manager    ] [10984: 7628] Get detection for hash 'C:\CONFIG.MSI\363DF.RBF'
[2019-11-20 11:47:18.449] [info   ] [manager    ] [10984: 7628]  - not found - create with action required '1'
[2019-11-20 11:47:18.449] [info   ] [detection  ] [10984: 7628] Window is closed - open
[2019-11-20 11:47:18.449] [info   ] [win_creator] [10984: 8020] opening window (C:\CONFIG.MSI\363DF.RBF)
[2019-11-20 11:47:18.449] [info   ] [manager    ] [10984: 8020] Get detection for hash 'C:\CONFIG.MSI\363DF.RBF'
[2019-11-20 11:52:19.334] [info   ] [win_creator] [10984: 8020] window closed (C:\CONFIG.MSI\363DF.RBF)
[2019-11-20 11:56:05.307] [info   ] [manager    ] [ 3396: 3432] Initialize mgr for id 'av'
[2019-11-20 12:27:56.469] [info   ] [manager    ] [10336:10340] Initialize mgr for id 'av'

Offline JakubS

  • Avast team
  • Newbie
  • *
  • Posts: 3
Re: Asus Armoury Crate downloading malware? (idp.alexa.51)
« Reply #2 on: November 20, 2019, 08:42:20 PM »
Hi, can confirm that this is FP, will be fixed in next update. Thanks for report