Author Topic: [Resolved] Found Something Bad  (Read 6449 times)

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6711
  • Trust only what you test yourself!
[Resolved] Found Something Bad
« on: January 01, 2011, 01:58:20 AM »
The report:
C:\WINDOWS\SYSTEM32\APISlice.dll
Severity: High
Threat: WIN32MALWARE
Action: Moved to chest.
Sorry I don't know how to do screen captures.
What is this? I am glad avast caught it. And for a change I was not looking for trouble...it found me.
« Last Edit: January 01, 2011, 06:24:37 PM by Para-Noid »
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline marc-d-l

  • Poster
  • *
  • Posts: 421
Re: Found Something Bad
« Reply #1 on: January 01, 2011, 02:13:41 AM »
What do you have as a firewall?
Window 7 64 bits SP1 premium Avast 2014.9.0.2018  free, Firefox 29.0.1  MBAM, free spywareblaster, ABP,   Comodo firewall and a routerfirewall, Winpatrol.Superantispyware,Zemana Anti Logger.

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6711
  • Trust only what you test yourself!
Re: Found Something Bad
« Reply #2 on: January 01, 2011, 03:24:16 AM »
What do you have as a firewall?
Windows firewall.

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • When you think you know, Think Again
Re: Found Something Bad
« Reply #3 on: January 01, 2011, 03:24:16 AM »
The report:
C:\WINDOWS\SYSTEM32\APISlice.dll
Severity: High
Threat: WIN32MALWARE
Action: Moved to chest.
Sorry I don't know how to do screen captures.
What is this? I am glad avast caught it. And for a change I was not looking for trouble...it found me.

Did you submit the item in the Chest to Avast for analysis? If you right click the file in the chest what options does it show...if any ???
***HP ENVY 15K LT W10 Pro 20H2 64Bit/750GB HD/16GB Ram/Avast Premium 21.2.2450b/Secureline VPN v.5.9.5357b/ADU v.21.1.1187b/ASB v.88.0b/SANDBOXIE-plus/MailWasherPRO
**HP Compaq 8510p LT W10 Pro 20H2 64Bit/1TB HD/8GB Ram/Avast Premium 21.2.2450b/ADU v.21.1.1187b/SANDBOXIE/MailWasherPRO/HotSpot Shield
     
*Dell Inspiron XPsp4 PRO 32Bit/Avast(since 2002)18.8.2356/WP/Comodo FW 3.14/Secureline/Comodo IceDragon v.40
LAYERED SECURITY SOFTWARE PROTECTION

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 84559
  • No support PMs thanks
Re: Found Something Bad
« Reply #4 on: January 01, 2011, 03:55:29 AM »
I don't believe there is any need to submit it to avast as it is fairly clear that it is a good detection, see http://www.virustotal.com/file-scan/report.html?id=fc3b5e2c9e3338e6b722dacf49bdc819a0f3504ffca43882300e2c356fb2b38c-1293831396, where 16 of 43 scanners find something in it.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.1.2449 (build 21.1.5968.561) UI-1.0.597/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • When you think you know, Think Again
Re: Found Something Bad
« Reply #5 on: January 01, 2011, 04:11:26 AM »
I don't believe there is any need to submit it to avast as it is fairly clear that it is a good detection, see http://www.virustotal.com/file-scan/report.html?id=fc3b5e2c9e3338e6b722dacf49bdc819a0f3504ffca43882300e2c356fb2b38c-1293831396, where 16 of 43 scanners find something in it.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.

Hey DavidR: What is the general process as I have not had a virus with Avast installed as yet. ;D
Is it typical to run with Virus Total first (before thinking of submitting to Avast)? Or not. ???
« Last Edit: January 01, 2011, 04:13:42 AM by schmidthouse »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 84559
  • No support PMs thanks
Re: Found Something Bad
« Reply #6 on: January 01, 2011, 04:56:03 AM »
There is only a need to submit to avast if you believe it to be a false positive detection, and before you can do that it needs to be confirmed at somewhere like virustotal.

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • When you think you know, Think Again
Re: Found Something Bad
« Reply #7 on: January 01, 2011, 05:03:23 AM »
There is only a need to submit to avast if you believe it to be a false positive detection, and before you can do that it needs to be confirmed at somewhere like virustotal.

Thanks ;)

Offline YoKenny

  • Serious Graphoman
  • **
  • Posts: 8784
Re: Found Something Bad
« Reply #8 on: January 01, 2011, 05:07:30 AM »
E5200 2.5GHZ, 4GB RAM, 320GB HD, Windows 7 Home Premium 64bit, avast! V9.0 Free, IE10
P4 2.8GHZ, 1.5GB RAM, 40GB HD, XP Pro SP3 32bit, avast! V9.0 Free, Google Chrome
with hpHosts, MVPS HOSTS files, SpeedFan, WinPatrol PLUS

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6711
  • Trust only what you test yourself!
Re: Found Something Bad
« Reply #9 on: January 01, 2011, 05:12:03 AM »
The report:
C:\WINDOWS\SYSTEM32\APISlice.dll
Severity: High
Threat: WIN32MALWARE
Action: Moved to chest.
Sorry I don't know how to do screen captures.
What is this? I am glad avast caught it. And for a change I was not looking for trouble...it found me.

Did you submit the item in the Chest to Avast for analysis? If you right click the file in the chest what options does it show...if any ???
No. When I right clicked nothing happened.

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6711
  • Trust only what you test yourself!
Re: Found Something Bad
« Reply #10 on: January 01, 2011, 05:17:29 AM »
I don't believe there is any need to submit it to avast as it is fairly clear that it is a good detection, see http://www.virustotal.com/file-scan/report.html?id=fc3b5e2c9e3338e6b722dacf49bdc819a0f3504ffca43882300e2c356fb2b38c-1293831396, where 16 of 43 scanners find something in it.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
How do you re-scan an item in the Virus Chest?

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • When you think you know, Think Again
Re: Found Something Bad
« Reply #11 on: January 01, 2011, 05:17:53 AM »
The report:
C:\WINDOWS\SYSTEM32\APISlice.dll
Severity: High
Threat: WIN32MALWARE
Action: Moved to chest.
Sorry I don't know how to do screen captures.
What is this? I am glad avast caught it. And for a change I was not looking for trouble...it found me.

Did you submit the item in the Chest to Avast for analysis? If you right click the file in the chest what options does it show...if any ???
No. When I right clicked nothing happened.

No worries, I wasn't sure as I have not had to submit anything from the Virus Chest. And as DavidR mentioned, there isn't any need in any case.
Like everyone else....I live and learn :-\

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6711
  • Trust only what you test yourself!
Re: Found Something Bad
« Reply #12 on: January 01, 2011, 05:31:22 AM »
I don't believe there is any need to submit it to avast as it is fairly clear that it is a good detection, see http://www.virustotal.com/file-scan/report.html?id=fc3b5e2c9e3338e6b722dacf49bdc819a0f3504ffca43882300e2c356fb2b38c-1293831396, where 16 of 43 scanners find something in it.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
Went to virustotal and no waiting for results.

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6711
  • Trust only what you test yourself!
Re: Found Something Bad
« Reply #13 on: January 01, 2011, 05:33:11 AM »
I don't believe there is any need to submit it to avast as it is fairly clear that it is a good detection, see http://www.virustotal.com/file-scan/report.html?id=fc3b5e2c9e3338e6b722dacf49bdc819a0f3504ffca43882300e2c356fb2b38c-1293831396, where 16 of 43 scanners find something in it.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
Does 16/43 mean a good detection?

Offline Gargamel360

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2346
  • Memento Mori
Re: Found Something Bad
« Reply #14 on: January 01, 2011, 05:39:29 AM »
I would say yes, that is conclusive enough to call it a good detection.
Signature?  But I gots no pen....