Author Topic: Suspicious detection!  (Read 2645 times)

0 Members and 1 Guest are viewing this topic.

galjo

  • Guest
Suspicious detection!
« on: May 10, 2010, 06:10:45 PM »


as far as i understand runtime files are from Visual C++, so idk why did avast pick up those


also, i cant delete or do anything to them because("Access denied(5)") *note the warning on the screenshot is in slovene*

thanks for your help

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Suspicious detection!
« Reply #1 on: May 10, 2010, 07:10:08 PM »
There is something wrong with your image as the link fails double http part and even when removing that it doesn't show the image when you arrive at the site.

Simpler to crop the image to show only the relevant part the active window and attach it to your post. Or simply copy and past the list of files and locations of the detections from the log file.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

galjo

  • Guest
Re: Suspicious detection!
« Reply #2 on: May 10, 2010, 08:24:36 PM »


Uploaded with ImageShack.us


sorry just noticed that it doesnt work ;x

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Suspicious detection!
« Reply #3 on: May 10, 2010, 08:53:58 PM »
Right the detection might be good, I have msvcm90.dll on my system, but not msvcm90d.dll (so I couldn't scan that one).

My scan of msvcm90.dll came up clean (on winXP Pro SP3)

There are two copies of this msvcm90.dll file in different locations both came up clean (see image), the MD5 and SHA1 hashes are below.

MD5:
67BDB40FBE6CECC320507161B58D134A
SHA1:
11EC8313BA20E96A0F776A018586CC127A451E16

So I would advise, confirming at VT.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive. Now exclude that folder in the File System Shield, Expert Settings, Exclusions, Add, type (or copy and paste) C:\Suspect\* That will stop the File System Shield scanning any file you put in that folder.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security