Author Topic: Process 1656 (avastsvc.exe) Win32:FakeAlert-AAB [TRJ]  (Read 2687 times)

0 Members and 1 Guest are viewing this topic.

Damstas

  • Guest
Process 1656 (avastsvc.exe) Win32:FakeAlert-AAB [TRJ]
« on: June 04, 2011, 06:29:19 PM »
What is that Win32:FakeAlert-AAB [TRJ], which was on Avast files..?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88899
  • No support PMs thanks
Re: Process 1656 (avastsvc.exe) Win32:FakeAlert-AAB [TRJ]
« Reply #1 on: June 04, 2011, 07:26:49 PM »
Do you happen to be running a custom scan and scanning memory ?

I suspect so, as it looks like it is detecting avast virus signatures in memory.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Damstas

  • Guest
Re: Process 1656 (avastsvc.exe) Win32:FakeAlert-AAB [TRJ]
« Reply #2 on: June 04, 2011, 08:09:42 PM »
Do you happen to be running a custom scan and scanning memory ?

I suspect so, as it looks like it is detecting avast virus signatures in memory.

I was scanning everything along with that, so it´s Avast:s own fakevirus..?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88899
  • No support PMs thanks
Re: Process 1656 (avastsvc.exe) Win32:FakeAlert-AAB [TRJ]
« Reply #3 on: June 04, 2011, 08:33:04 PM »
No, it is detecting an unencrypted signature loaded into memory by the avastsvc.exe process.

Scanning memory can bring strange results.

Since they aren't physical files they can't be moved to the chest, deleted, etc. so there is no action that can be taken, hence the Apply button being greyed out.

The detections in memory are frequently other security applications loading unencrypted virus signatures into memory. Having set off a scan of memory by an antivirus application looking for virus signatures, don't be too surprised if it finds some in memory.

- With a resident on-access antivirus like avast, the need for frequent on-demand scans is much depreciated. For the most part the on-demand scan is going to be scanning files that would be otherwise be dormant or inert. If they were active files then the on-access file system shield would be scanning them before being created, modified, opened or executed.

I have avast set to do a scheduled weekly Quick scan, set at a time and day that I know the computer will be on. If for some reason my system wasn't on, no big deal I will catch up on the next scheduled scan.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security