Author Topic: Two items of Malware found following re-subscription to Avast (Read 2221 times)

kyloglen · « **on:** August 22, 2020, 04:26:15 PM »

Could be a total coincidence but the same night I re-subscribed to Avast, I set a virus scan to complete and went to sleep, when I woke up, Avast had found two possible Malware items

Win32:Malware-gen - libGLESv2.dll - D:Battlenet\Heroes of the Storm\Support\BlizzardBrowser
Win32:Dropper-gen [Drp] libGLESv2.dll - D\Steam\steamappls\common\Trove

Both found during the same scan, they've both been quarantined now but I read online one virus is able to open a backdoor for others & one is able to replicate itself. Also read that they're both undefined and haven't been seen before/enough to be categorised or named, so does this mean they could just be false positives? It's the same file in both games, I haven't used any Blizzard programs in ages and I haven't even played Trove since I installed it. Not sure if they've had any updates to introduce files which would be detected as false positives either.

Also worth noting, I have Avast Premium and have always had it - was simply renewing my subscription, so there wasn't a period I was without it. I also run Malwarebytes and that detected nothing on it's scan.

Asyn · « **Reply #1 on:** August 22, 2020, 04:39:56 PM »

Test the file at VT (https://www.virustotal.com) and post the link to the result here.

kyloglen · « **Reply #2 on:** August 22, 2020, 04:45:13 PM »

Do I bring it out of Quarantine then? or is there a way to do so without taking it out

Asyn · « **Reply #3 on:** August 22, 2020, 04:50:56 PM »

Yes. If you don't want to take the risk, you can send it from chest to threat lab for analysis.

kyloglen · « **Reply #4 on:** August 22, 2020, 04:56:36 PM »

This is what it's showing.

https://prnt.sc/u41gy4

Asyn · « **Reply #5 on:** August 22, 2020, 04:57:53 PM »

You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php

kyloglen · « **Reply #6 on:** August 22, 2020, 04:59:54 PM »

So would you suggest it's a false positive? Where do you think they've come from, because they didn't show up on the virus scan a few days prior? I haven't opened battle.net in a while so don't think it would have updated & as I say, I haven't played Trove ever, and it's been installed for a long time.

Asyn · « **Reply #7 on:** August 22, 2020, 05:01:16 PM »

Quote from: kyloglen on August 22, 2020, 04:59:54 PM

So would you suggest it's a false positive?

Yes, most certainly.

bob3160 · « **Reply #8 on:** August 22, 2020, 05:03:18 PM »

Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php

Asyn · « **Reply #9 on:** August 22, 2020, 05:05:20 PM »

Quote from: bob3160 on August 22, 2020, 05:03:18 PM

Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php

See Reply #5.

Author Topic: Two items of Malware found following re-subscription to Avast (Read 2221 times)

kyloglen

Two items of Malware found following re-subscription to Avast

Asyn

Re: Two items of Malware found following re-subscription to Avast

kyloglen

Re: Two items of Malware found following re-subscription to Avast

Asyn

Re: Two items of Malware found following re-subscription to Avast

kyloglen

Re: Two items of Malware found following re-subscription to Avast

Asyn

Re: Two items of Malware found following re-subscription to Avast

kyloglen

Re: Two items of Malware found following re-subscription to Avast

Asyn

Re: Two items of Malware found following re-subscription to Avast

bob3160

Re: Two items of Malware found following re-subscription to Avast

Asyn

Re: Two items of Malware found following re-subscription to Avast