Author Topic: avast! Warning - Suspicious File Found (~.exe) ?  (Read 20687 times)

0 Members and 1 Guest are viewing this topic.

Silverwing86

  • Guest
avast! Warning - Suspicious File Found (~.exe) ?
« on: October 24, 2009, 09:55:05 AM »
Hi all,

(Total) Newbie here and I have a question.

I'm using Avast! version 4.8 Home Edition Free Antivirus and am getting a window with this warning:



Originally, the link under "Privacy Policy" seemed to lead to Avast, but the mouse-over stopped working when I tried to right click it (to copy the link in "Properties") !

The reason I'm doubtful about this message is that this warning does not show up in the Avast Console at all.

Anyone any ideas ? Is this legit or something creepy ??

Thanx for any advice !

Cheers,
Silver

Offline .: L' arc :.

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1780
  • Thinking with Portals
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #1 on: October 24, 2009, 10:32:11 AM »
 Welcome to the forums Silverwing86,

 Don't worry, the alert is legit. The file ~.exe is oddly named and can be deemed suspicious already but to be sure enough, you may check the file by sending it to VirusTotal. Please give us a link to the results of the scan.
« Last Edit: October 24, 2009, 10:51:02 AM by .: L' arc :. »
Windows 7 (64-bit) Home Premium SP1
avast! 9 RC1

Offline superhacker

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 979
  • superhacker != super mario
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #2 on: October 24, 2009, 10:34:04 AM »
enter here and you will get rid of it if it is a virus or you will know it is not a virus:http://forum.avast.com/index.php?topic=50106.0
Dreams don't die, they just fall asleep.

Offline superhacker

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 979
  • superhacker != super mario
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #3 on: October 24, 2009, 10:37:40 AM »
l'arc:
you say dont worry and he has a rootkit,and how he will send it to virus total  ;D ;D
Silverwing86:
go to the adviced topic and you will learn how to remove rootkits.
Dreams don't die, they just fall asleep.

Offline .: L' arc :.

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1780
  • Thinking with Portals
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #4 on: October 24, 2009, 10:40:09 AM »
you say dont worry and he has a rootkit,and how he will send it to virus total  ;D ;D

 Read carefully and you'll understand what is the legit I am referring to not worry about.
Windows 7 (64-bit) Home Premium SP1
avast! 9 RC1

Offline superhacker

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 979
  • superhacker != super mario
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #5 on: October 24, 2009, 10:45:30 AM »
no you read carefully  the file is rootkit"active one "how he will send it
Dreams don't die, they just fall asleep.

Offline .: L' arc :.

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1780
  • Thinking with Portals
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #6 on: October 24, 2009, 10:51:24 AM »
 Then forgive my feeble mind. Post has been corrected.
Windows 7 (64-bit) Home Premium SP1
avast! 9 RC1

Silverwing86

  • Guest
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #7 on: October 24, 2009, 11:32:54 AM »
Thanx guys, much appreciated !

But if this is indeed legit, why does the warning not show up in the Avast Log and why does Avast not pick it up when I do a full system scan ? The full system scan came up squeeky clean.

Sorry if I seem a bit 'thick', that's probably because I am ;D !

Thanx again!

Cheers,
Silver

Offline superhacker

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 979
  • superhacker != super mario
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #8 on: October 24, 2009, 12:01:56 PM »
hi brother:here is the methods to detect viruses"in very simple"
when you scan by avast full system scan avast run it engine and scan files and avast depends on signature of viruses,trojans ,rootkits,.......and  on heuristics logarithms:example:if x file do y and z tell the user there is a suspicious file,and generic detection:like the family of conficker has some likes between them so avast will detect any file has some of its features"that for scan"
butwhen system start avast scan for active rootkits not by signatures but by behaviors depending on GMER anti rootkit so he will tell about any active rootkit not by signatures and you can check from gmer by download ashampoo firewall adn in settings make firewalll hidden from other processes then scan by gmer and you will see that ashampoo firewall is a rootkit from gmer side.so follow the anti rootkits in the adviced topics and you will get rid of the rootkit,or delete it simply by avast.
Dreams don't die, they just fall asleep.

Offline Tarq57

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3695
  • If at first you don’t succeed; call it version 1.0
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #9 on: October 24, 2009, 12:30:06 PM »
Silverwings 86,
Hi and welcome to the forum.
Rootkits (if this is indeed one) can be serious.
I'd try a scan with a "second opinion" (and well regarded) scanner. Please download MBAM (free version), install it, update it, and have it run a quick scan.
Please post the scan log.
(If you search the forum, you will see that MBAM is widely recommended, here.)
Windows 10,Windows Firewall,Firefox w/Adblock.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #10 on: October 24, 2009, 12:38:06 PM »
That is part of the TDSS rootkit (the spawning element) so it does need to be killed

Silverwing86

  • Guest
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #11 on: October 24, 2009, 02:12:55 PM »
Thanx again for the useful help and advice.

I'm running MBAM now and will post the results when it's done.

Cheers,
Silver (I'm a 'Ms' by the way ;))

Offline superhacker

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 979
  • superhacker != super mario
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #12 on: October 24, 2009, 03:01:07 PM »
so you scan by mbam and dont scan by rku,gmer,aswar.
 brother mbam maybe can detect rootkits before they are active but it is impossible to detect any active rootkits,by the way maybe mbam detect some malwares in your pc but they are not the rootkits,so follow my or essexboy advice,we want to help you but maybe you dont want to help your self it is a ROOTKIT!!!!!!!!!
Dreams don't die, they just fall asleep.

Silverwing86

  • Guest
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #13 on: October 24, 2009, 03:10:35 PM »
Okay, here is the log:


Malwarebytes' Anti-Malware 1.41
Database version: 3024
Windows 5.1.2600 Service Pack 3

25-10-2009 02:02:11
mbam-log-2009-10-25 (02-02-11).txt

Scan type: Quick Scan
Objects scanned: 140859
Time elapsed: 11 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Services\del (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\~.exe (Trojan.KillFiles) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_id.dat (Malware.Trace) -> Quarantined and deleted successfully.


It looks (to my very inexperienced eye) as if the nasty file(s) was/were deleted. Now I'll see if I can understand the other suggestions made here.

@Superhacker:
I do wish to help myself, but please keep in mind that I don't know much about any of this stuff, I'm just trying to do my best to sort this mess out. As I mentioned before, I'm a total newbie and need easy to understand, step by step instructions. I am now following the first step that was easy for me to understand (and a tool I had heard of before, I might add, which made me feel a bit more confident in using it first) and to follow. I am not ignoring your advice, just taking it one step at a time. Your patience is appreciated !

Thanx again and Cheers,
Silver

Offline superhacker

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 979
  • superhacker != super mario
Re: avast! Warning - Suspicious File Found (~.exe) ?
« Reply #14 on: October 24, 2009, 03:14:14 PM »
sorry,but i just want your pc get better and you are right some of i write is hard to find or understand :)
Dreams don't die, they just fall asleep.