Author Topic: AAVM scanning warning  (Read 3917 times)

0 Members and 1 Guest are viewing this topic.

Defence

  • Guest
AAVM scanning warning
« on: November 09, 2009, 06:08:29 PM »
Today, I check avast! log viewer,

in the warning place, write this,

AAVM scanning warning , x_AavmCheckFileDirectEx [UNI]: C:\Windows\System32\conime.exe returning error

What is this?

Defence

  • Guest
Re: AAVM scanning warning
« Reply #1 on: November 09, 2009, 07:28:39 PM »
noone know anything about this error?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86913
  • No support PMs thanks
Re: AAVM scanning warning
« Reply #2 on: November 09, 2009, 07:40:13 PM »
I don't know, but you don't give the error number which would be of help to developers, etc. There are many reasons why a file can't be scanned.

- Personally I keep my nose out of the logs as for the most part the content is verbose and not to helpful to a user, more so for a developer. Only if I experience a problem with avast or hard errors are displayed to the screen do I look in the logs.
 
So are you getting any errors displayed to the screen or other avast problems ?
 
If not I wouldn't worry about this.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.9.6034 (build 22.9.7554.734) UI 1.0.728/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Defence

  • Guest
Re: AAVM scanning warning
« Reply #3 on: November 09, 2009, 07:52:09 PM »
error number 00000005, ı search in google conime.exe, is it trojan or backdoor?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86913
  • No support PMs thanks
Re: AAVM scanning warning
« Reply #4 on: November 09, 2009, 08:01:10 PM »
Windows file system error 5 is "Access is denied."

So it looks like there is some other element protecting this file.

If you haven't already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).

Don't worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.

It would be advantageous now you have more than 20 posts to create a signature in your forum profile (see mine below my posts), with some basic information about your system and applications, etc. This avoids us having to ask or repeat things when trying to help.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.9.6034 (build 22.9.7554.734) UI 1.0.728/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Defence

  • Guest
Re: AAVM scanning warning
« Reply #5 on: November 09, 2009, 08:10:03 PM »
I use Comodo firewall with defence+ module and windows defender.


Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86913
  • No support PMs thanks
Re: AAVM scanning warning
« Reply #6 on: November 09, 2009, 09:01:43 PM »
First, try to manually add the conime.exe file to the avast User Files, and submit to virustotal and avast if multiple VT detections, see below. If you are able to add it to the chest, first try scanning it within the chest (right click menu) as it is unlikely to have the same protection. If detected then this confirms something protecting it and no real need to send to VT or avast as it is detected by avast.

I doubt it is active otherwise I would have expected the firewall and possibly defence+ to have reacted.

Then you should run the other run the other application I suggested and post the logs.

####
Check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect\* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

~~~
Add the file to the User Files (File, Add) section of the avast chest (if it isn't already in the chest) where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.
 
Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.9.6034 (build 22.9.7554.734) UI 1.0.728/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security