Jump to content
Peaty

SAS Real Time seeing Avast as critical threat

Recommended Posts

Is anyone else having the same issue? I'm using Avast Internet Protection V 7.0.1474, the latest paid version and SAS real time protection has a pop up showing all these FP's about Avast It basically locked my PC. SAS said to do a scan but nothing would work, I had to bring up the task manager and reboot. It's happened again after the reboot but I was able to do a quick scan (log below) I've submitted the FP as suggested but now I'm sitting idle. I have the paid version of Malywarebytes and that has not seen anything neither did avast. SAS is blocking Avast from updating too. I think I should trust selected items but am hesitant of course:

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 12/21/2012 at 09:28 AM

Application Version : 5.6.1014

Core Rules Database Version : 9775

Trace Rules Database Version: 7587

Scan type : Quick Scan

Total Scan Time : 00:05:18

Operating System Information

Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)

Administrator

Memory items scanned : 814

Memory threats detected : 4

Registry items scanned : 35869

Registry threats detected : 6

File items scanned : 9010

File threats detected : 6

Trojan.Agent/Gen-Siggen

HKLM\System\CurrentControlSet\Services\ASWFSBLK

C:\WINDOWS\SYSTEM32\DRIVERS\ASWFSBLK.SYS

HKLM\System\CurrentControlSet\Enum\Root\LEGACY_ASWFSBLK

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\ASWIDLE.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\ASWIDLE.DLL

Trojan.Agent/Gen-Agent

HKLM\System\CurrentControlSet\Services\ASWRDR

C:\WINDOWS\SYSTEM32\DRIVERS\ASWRDR.SYS

HKLM\System\CurrentControlSet\Enum\Root\LEGACY_ASWRDR

HKLM\System\CurrentControlSet\Services\AVAST! ANTIVIRUS

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\AVASTSVC.EXE

HKLM\System\CurrentControlSet\Enum\Root\LEGACY_AVAST! ANTIVIRUS

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\AVASTSVC.EXE

Trojan.Agent/Gen-Agentsmall

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\DEFS\12122100\FWAUX.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\DEFS\12122100\FWAUX.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\AHRESJS.DLL

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\AHRESJS.DLL

Share this post


Link to post
Share on other sites

The issue is, or could be, that Avast will prevent itself from being removed by SAS and then I end up with a locked PC. Seem's that happened when SAS's Real Time protection popped up, Avast and SAS were at odds and I had to force a reboot after I turned off SAS's real time protection. I'd rather not have to uninstall the AV since that takes quite a bit of time and may not resolve the issue. It's not an Avast issue AFAIK but an SAS one. I'm hoping they come up with a solution that is simpler.

Share this post


Link to post
Share on other sites

We have had two updates in the past hour to correct these problems. Mine seems to be working fine now.

Database Version 9777 - 12-21-2012

Trojan.Agent/Gen 1 Items Added/Updated Trojan.Agent/Gen-Dropper 2 Items Added/Updated Trojan.Agent/Gen-FakeAlert 1 Items Added/Updated Trojan.Agent/Gen-FakeAV 1 Items Added/Updated Trojan.Agent/Gen-Frauder 1 Items Added/Updated

Database Version 9776 - 12-21-2012

Trojan.Agent/Gen-FakeAV 1 Items Added/Updated Trojan.Agent/Gen-Inject 1 Items Added/Updated Trojan.Agent/Gen-KillAV 1 Items Added/Updated Trojan.Agent/Gen-Klez 1 Items Added/Updated Trojan.Agent/Gen-Rimecud 1 Items Added/Updated Trojan.Agent/Gen-Spy 1 Items Added/Updated Trojan.Agent/Gen-Tepfer 1 Items Added/Updated

Share this post


Link to post
Share on other sites

Thanks for the heads up, updating now. I figured if I were patient they would respond. SAS has always taken car of me.:

Update, I've re-enabled the real time protection and looks like the issue has been taken car of.

Share this post


Link to post
Share on other sites

Trust the selected items and re-scan. You may have to re-install Avast if SAS has cleaned it already to replace missing files.You may not be able to trust items once they have been cleaned. uninstall Avast, Uninstall SAS. Re-install Avast first, then re- install SAS, Run scan and then you can trust items.

Share this post


Link to post
Share on other sites

Hi All,

We're still investigating what happened in the release procedure to cause this false positive issue. The offending definitions have been removed completely from the database.

My sincerest apologies for the false alarm. :-(

Thanks,

Geoff

Share this post


Link to post
Share on other sites

For me, I did what SouthernKittyComputing suggested the first time I got the FP that helped in not seeing the message pop up in a scan or the real time window. Unchecked the FP's and turned off the real time protection. Avast would still not update so then I went to the SAS Bug in the tray (bottom right corner of the screen), Right Clicked on the bug and selected "View Blocked Spyware Applications..." and selected the Avast app that was being blocked and highlighted it and selected "Allow /Trust Item" That let avast run and update. Later when the update came out I applied it and turned on the real time protection again. Everything is fine now.

Share this post


Link to post
Share on other sites

You should not have to re-install Avast.

Make sure SAS is updated, then proceed to uninstall Avast, but instead of choosing Uninstall, choose Repair. Once the repair is complete, restart the computer and Avast should be fine.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×