Salenai 0 Posted July 3, 2019 Share Posted July 3, 2019 Hello, My Avast license has expired, once that happened, after couple of days I decided to scan my computer as I always do, with Eset, Roguekiller, Malwarebytes, Mbar, and Avast. I scan with only one thing at a time. Eset for some reason (almost certainly false positive) found this: C:\Program Files\AVAST Software\Avast\setup\aswOfferTool.exe Win32/Bundled.Toolbar.Google.D potenciálne zneužiteľná aplikácia chyba pri mazaní (Prístup odmietnutý) C:\Program Files\AVAST Software\Avast\setup\offertool_x64_ais-94f.vpx Win32/Bundled.Toolbar.Google.D potenciálne zneužiteľná aplikácia chyba pri mazaní (Prístup odmietnutý) So,according to this, there is Bundles.Toolbar.Google.D and it cannot be deleted by Eset Online Scanner. (for info, I use Eset Online scanner only as a one time use, IMO it shows better results than regular Eset). I also scanned files with virustotal and nothing shows up: https://www.virustotal.com/gui/file/52aa6ad3ac357075d8ff55cca5931cc8388966a840302a2b484c79f3c4d104d4/detection and https://www.virustotal.com/gui/file/52aa6ad3ac357075d8ff55cca5931cc8388966a840302a2b484c79f3c4d104d4/detection I had my computer turned off during last couple of days, and last time I had it turned on I also scanned it, it was at the time I had Avast License,and nothing was found. So,basically, it was turned off, there was nothing that could have infected it since last scan. Only Avast license has expired,and antivirus/antimalware programs, including Eset Online Scanner received updates. So this probable false positives came with new update for Eset Online Scanner. I attached Eset report file and also packed both files that show up as positive. Is this please false positive? Thanks eset.txt pack.zip Link to comment Share on other sites More sharing options...
Administrators Marcos 5,404 Posted July 3, 2019 Administrators Share Posted July 3, 2019 It seems you have already contacted samples[at]eset.com as well where you've received a response. The detection is correct. The reason why EOS couldn't delete the file could be that you have another AV installed which is protecting files in its folders. Salenai 1 Link to comment Share on other sites More sharing options...
Salenai 0 Posted July 3, 2019 Author Share Posted July 3, 2019 (edited) 25 minutes ago, Marcos said: It seems you have already contacted samples[at]eset.com as well where you've received a response. The detection is correct. The reason why EOS couldn't delete the file could be that you have another AV installed which is protecting files in its folders. Wait, so,this is not false positive? This is an actual malware? Is it dangerous?and how come it showed up now and not before during scan that I took a week ago (during this week I have not used PC at all and had it turned off). So, do you recommend me to uninstall Avast, remove detections and install another antivirus? I managed to delete it during Safe Mode, if they will not show up now during normal scan, can I keep Avast? Thanks Edited July 3, 2019 by Salenai Added info Link to comment Share on other sites More sharing options...
Administrators Marcos 5,404 Posted July 3, 2019 Administrators Share Posted July 3, 2019 Potentially unwanted and unsafe applications are not malicious in any way. According to https://support.eset.com/kb2629/: A potentially unwanted application (PUA) is a program that contains adware, installs toolbars or has other unclear objectives. There are some situations where a user may feel that the benefits of a potentially unwanted application outweigh the risks. Potentially unsafe applications are legitimate applications that may be misused in the wrong hands (e.g. a process killer tool misused to kill AV). The detection also covers certain toolbars. It is disabled by default which is probably why the app hadn't been detected until recently. Link to comment Share on other sites More sharing options...
Salenai 0 Posted July 3, 2019 Author Share Posted July 3, 2019 13 minutes ago, Marcos said: Potentially unwanted and unsafe applications are not malicious in any way. According to https://support.eset.com/kb2629/: A potentially unwanted application (PUA) is a program that contains adware, installs toolbars or has other unclear objectives. There are some situations where a user may feel that the benefits of a potentially unwanted application outweigh the risks. Potentially unsafe applications are legitimate applications that may be misused in the wrong hands (e.g. a process killer tool misused to kill AV). The detection also covers certain toolbars. It is disabled by default which is probably why the app hadn't been detected until recently. Thanks a lot so,they belong to avast,right? i deleted them from safe mode, EOS doesnt find them anymore. Link to comment Share on other sites More sharing options...
SeriousHoax 87 Posted July 3, 2019 Share Posted July 3, 2019 (edited) Avast is a privacy nightmare. They do a lot of shady things in the background, make fool of their customers using constant annoyances, give them a false sense of danger and try to pursue users to buy their VPN, etc. They used to have a overseer.exe file that remained in the system even after uninstalling the product and it would send data to their server. What the hell!!! Their installer bundles Google Chrome in it too. In terms of protection it's a good product but I find those constant nagging, privacy issues unbearable. Avast itself feels like a PUP to me. Maybe it's better if you ditch their product and try other better products free from all these problems. Edited July 3, 2019 by SeriousHoax Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 206 Posted July 4, 2019 Most Valued Members Share Posted July 4, 2019 21 hours ago, SeriousHoax said: Avast is a privacy nightmare. They do a lot of shady things in the background, make fool of their customers using constant annoyances, give them a false sense of danger and try to pursue users to buy their VPN, etc. They used to have a overseer.exe file that remained in the system even after uninstalling the product and it would send data to their server. What the hell!!! Their installer bundles Google Chrome in it too. In terms of protection it's a good product but I find those constant nagging, privacy issues unbearable. Avast itself feels like a PUP to me. Maybe it's better if you ditch their product and try other better products free from all these problems. I wouldn't like an AntiVirus software offering me to use Toolbars or some other unwanted things, or even offer me to install a specific Browser.. , If It was the Free Edition , then I would have understood that they might do that because it is the Free Edition , but when you are a paid customer , then I don't know why they do that. Link to comment Share on other sites More sharing options...
Recommended Posts