PJ Wales

AVG False reading for a2services?

Recommended Posts

Hi,

 

As the topic says for the last few days now been getting AVG popping up with a virus warning but no where I can see what the cause of this no background software or recent installation etc.

 

however upon investigating it closely it seems a2services is creating temporary temp folder in windows/temp and AVG is flagging them as virus when only file in there is a 0btye temp file.

 

I have posted up a screenshot of the details, does any one else having this problem or have I got problems ran both AVG and Anit-Malware and both coming up as systems clean.

 

Image 1 shows the AVG Detection

dnreKoZ.png

 

Image 2 shows the AVG Virus found listing

dQnzRam.png

 

Image 3 shows the AVG details about the virus

FJKOXgU.png

Share this post


Link to post
Share on other sites

Those temporary files are created by our products when scanning within archives. What happens in your case is that EAM scans an archive that contains a malicious file. We unpack that malicious file to a temporary location in order to scan it. That triggers the AVG real time scan which scans the file's content before we can and triggers a warning. This can happen the other way around as well by the way. If AVG ever swaps files out to disk, we may end up scanning and detecting them.

The best way to solve those issues is to exclude EAM from AVG and vice versa. I haven't used AVG in a while, but I am sure the AVG manual will include instructions on how to exclude processes from being monitored by AVG. Just exclude a2service.exe. To exclude AVG in EAM, just go to Protection/File Guard/Manage white-list and add all the AVG processes to the list. Make sure to set the type of each entry to "Process" and tick all 3 check boxes.

Share this post


Link to post
Share on other sites

Fabian,

 

many thanks for the prompt reply and I have opened the AVG to add the a2services to the exemption list and shall see how it goes as it is the AVG picking up the alert rather than EAM, hwoever if EAM is picking up the alert then I shall do the same for EAM but so far it is AVG picking the alert so added the exemption to AVG.

 

Will report back if it stops as it normally happens every hour or so.

 

Thanks, PJ 

Share this post


Link to post
Share on other sites

 

 

Those temporary files are created by our products when scanning within archives. What happens in your case is that EAM scans an archive that contains a malicious files

 

 

 

I am getting an alert from avg as well,for a java exploit, right at the end of 2 eam updates a day apart.

 

If this is the case,why do I get the same alert in the second eam update after allowing avg to

remove the threat in the first?

Do I still have a malicious file? Both avg and eam scans are clean.

Thanks

Share this post


Link to post
Share on other sites

During updates we do re-scan all objects in your quarantine to figure out if any of them have been reclassified as false positives. That scan can again trigger unpacks to temporary files that AVG may pick up. As I said, your best course of action is to exclude EAM in AVG and vice versa. That way EAM won't interfere with AVG and AVG won't interfere with EAM. As a positive side effect it will reduce the resource impact both products have on your system.

Share this post


Link to post
Share on other sites

As I read "quarantine " it all made sense. The pop was right at the end of the update

when quarantined files are scanned.

Thanks for your quick response Fabian, I will put a2services on avg's exemptions list.

Share this post


Link to post
Share on other sites

I write this post because of an infection is suspected, it's this nice Trojan at the bottom of the screenshot, which I get tired for a few days, as of now: broken and not working IE: jerking CD E: / empty all the time (like yesterday to seek scanning the disc - Kaspersky Rescue disc 10 and after pulling the plate I thought smash drive), the total lack of connections Torrent and hourly message from AVG has detected a Trojan, which was apparently removed, but then the next window is the same, so I doubt that the removal.

Scan Emsisoft AM: 0 (clean), RCD Kaspersky scan boot cd 10: 0, RCD10 Kaspersky scan Windows Explorer mode: 0,

 LOG.TXT:

 

OTL: http://www.wklejto.pl/216475 i http://www.wklejto.pl/216476

 

FRST Fix Log: http://www.wklejto.pl/216477

FRST Aditional: http://www.wklejto.pl/216478

FRST Shotcut: http://www.wklejto.pl/216479

 

AdwCleaner [R0] http://www.wklejto.pl/216429
AdwCleaner [S0] http://www.wklejto.pl/216431
 
RK  Report [0] _S_112 ...http://www.wklejto.pl/216432
GMER anti-rootkit  http://www.wklejto.pl/216439

44669143387153236152_thumb.jpg82386354120747646094_thumb.jpg
    

C: \ AdwCleaner \ Quarantine \ C \ Windows \ System32 \ roboot64.exe.vir variety of threats Win64 / Systweak.A potentially unwanted application deleted - quarantined
     C: \ Users \ Home \ Desktop \ ccsetup500pro.exe Win32 / Bundled.Toolbar.Google.D potentially dangerous application deleted - quarantined

 

With an image that Emsisoft Anti-Malware creates some temporary files, so why AVG IS 2015 Virus detects and tells them to restart Windows in any case detect / appearance / create temp file in the C: / Windows / Temp.???

 

EDIT:

 
I have not seen previously  this topic please join posts with: http://support.emsisoft.com/topic/16115-avg-false-reading-for-a2services/

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.