Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: glnz on November 26, 2019, 03:21:02 PM
-
On my Win 7 Pro 64-bit (on my home Dell Optiplex which also dual-boots Win 10 Pro 64-bit), I ran Microsoft Safety Scanner for the first time. (Version 1.0.3001.0.)
It says that HackTool:Win32/LSASecretsView.BH has NOT been removed. It also found and removed three other items.
First, What should I do?
Second, how did this get past my Avast Free? (My Avast is fully updated. It's version 19.8.2393.)
Here's a link to the results report from the Microsoft Safety Scan (link to a Word doc with a pic of the results):
https://1drv.ms/w/s!ArpWuno4XUAMiSWgrnNGcWZRdZt8?e=ksSO7T (https://1drv.ms/w/s!ArpWuno4XUAMiSWgrnNGcWZRdZt8?e=ksSO7T)
Thanks.
-
Second, how did this get past my Avast Free?
1. maybe microsoft false positive?
2. no security program have 100% detection
Do you use any craked software ?
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=HackTool:Win32/PasswordFox.A!bit&ThreatID=-2147232825
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=HackTool:Win32/Wirekeyview
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=HackTool:Win32/LSASecretsView.BH&threatId=-2147222052
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/Generic!BV&threatId=-2147226149
First, What should I do?
If you need help, same place as always >> https://forum.avast.com/index.php?topic=194892.0
-
pondus - thanks, but your links don't provide the answer.
Anyone have a thought as to how specifically to search for and then fix HackTool:Win32/LSASecretsView.BH ?
-
Hacktools can be used to patch or "crack" some software so it will run without a valid license or genuine product key.
pondus - thanks, but your links don't provide the answer.
Anyone have a thought as to how specifically to search for and then fix HackTool:Win32/LSASecretsView.BH ?
as posted above >> Logs to assist in cleaning malware >> https://forum.avast.com/index.php?topic=194892.0
I guess you have these programs installed:
HackTool:Win32/LSASecretsView.BH https://www.nirsoft.net/utils/lsa_secrets_view.html
HackTool:Win32/Wirekeyview https://www.nirsoft.net/utils/wireless_key.html
HackTool:Win32/PasswordFox.A!bit https://www.nirsoft.net/utils/passwordfox.html
-
I just ran an Avast boot scan, but Avast did NOT find the malware.
Says I had zero infected files.
Not good!
-
avast boot scan does not give any better detection then the normal scan
Files (program) is not infected but classed as hacktool / riskware, so avast may have selected not to detect these or you have to turn on avast pup detection if not already done
-
These were probably PUP (based on this one that has hacktool name). PUP's are not picked up with real-time protection and has to be enabled separately for on-demand scans.
-
I wonder why my post was deleted in this topic ???
I've just given a link to microsoft website with information