Author Topic: AR boot scan (solved)  (Read 13889 times)

0 Members and 1 Guest are viewing this topic.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: AR boot scan (solved)
« Reply #15 on: December 13, 2008, 08:47:15 PM »
You're system you're choice, but to me pretty sure doesn't cut it.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Avaster

  • Guest
Re: AR boot scan (solved)
« Reply #16 on: December 13, 2008, 10:57:22 PM »
You're system you're choice, but to me pretty sure doesn't cut it.
Well, guess i will go just ahead  and remove that Smitfraud folder and that process.exe from system32 directory. I don't use that Smitfraud anyway.

YoKenny

  • Guest
Re: AR boot scan (solved)
« Reply #17 on: December 13, 2008, 11:07:15 PM »
I just received another alert that I told it to ignore Again and I have just had a database update but I did send it in:

https://www.virustotal.com/analisis/5751910445049459da47064c40797aa5

I removed the Smitfraud folder but process.exe is still in system32 folder which I shall remove now.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: AR boot scan (solved)
« Reply #18 on: December 14, 2008, 12:32:25 AM »
Personally as a first step I would rename it so whatever is running it won't find the original file and may just pop-up the file not found message and see if there is any way to get a handle on it.

If with it renamed if it isn't causing any issues and I don't believe it should then I would add it to the avast chest User Files section (so you always have a fall back option) before deleting it in the system32 folder.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Avaster

  • Guest
Re: AR boot scan (solved)
« Reply #19 on: December 14, 2008, 04:40:54 PM »
I removed the Smitfraud folder but process.exe is still in system32 folder which I shall remove now.
Btw Kenny, there still might be few other Smitfraud files in your system32 folder. I had 4 same Smitfraud files in my system32 folder, that were also in my main Smitfraud folder. And yes, they were the same files, with a few minutes creation time difference.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: AR boot scan (solved)
« Reply #20 on: December 14, 2008, 05:51:27 PM »
we'll change this detection probably.. main group targeted by the algo comes from PUP greyzone, which we don't want to treat so roughly..

So as I suspected this is likely to have nothing to do with smitfraud other than coincidence.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Avaster

  • Guest
Re: AR boot scan (solved)
« Reply #21 on: December 14, 2008, 07:59:40 PM »
we'll change this detection probably.. main group targeted by the algo comes from PUP greyzone, which we don't want to treat so roughly..

So as I suspected this is likely to have nothing to do with smitfraud other than coincidence.
You are wrong, it's Smitfraud file.

Hey come on, why many people here are all of a sudden infected by this process.exe? And they all seem to have Smitfraud...hmmm..
« Last Edit: December 14, 2008, 08:03:44 PM by Avaster »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: AR boot scan (solved)
« Reply #22 on: December 14, 2008, 08:16:42 PM »
Deleted - I'm wasting no more time on this, I will leave it up to Alwil.

« Last Edit: December 14, 2008, 08:26:06 PM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security